Head of Security & Compliance
Duchnice (pow. warszawski zachodni)

Boost your career with us

Polpharma Biologics is a state-of-the-art biological R&D and manufacturing facility, one of the most modern in Europe. We have a fantastic, international team of experienced experts and dynamic young scientists with common goals and values. Biotechnology is our passion.

Together we develop medicines, offering a new hope to patients suffering from serious diseases. We create a passionate and friendly workplace environment. Join us!

Your responsibilities

  • Facilitating an information security governance structure through the implementation of a hierarchical governance program, including the formation of an information security steering committee or advisory board.
  • Providing regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program, thus supporting business outcomes.
  • Working with vendor management and procurement organizations to ensure that information security requirements are included in contracts.
  • Directing the creation of a targeted information security awareness training program for all employees, contractors and approved system users, and establishing metrics to measure the effectiveness of this security training program for the different audiences.
  • Understanding and interacting with related disciplines, either directly or through committees, to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management.
  • Providing clear risk-mitigating directives for projects with components in IT, including the mandatory application of controls.
  • Embedding Cyber Judgement across a decentralized or distributed decision-making model.
  • Leading the information security function across the company to ensure consistent and high-quality information security management in support of the business goals.
  • Creating and managing a unified and flexible, risk-based control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations.
  • Liaising with the enterprise architecture team to build alignment between the security and enterprise (reference) architectures, thus ensuring that information security requirements are implicit in these architectures and security is built in by design.

If you have

  • Degree in business administration or a technology-related field, or equivalent work- or education-related experience.
  • Extensive experience (10+ years) in Information Security, Technology Risk Management, IT Audit, and/or IT Compliance functions.
  • Experience within the pharmaceutical industry, with GAMP 5, and working within a GxP environment.
  • Demonstrated experience and success in senior leadership roles in risk management, information security, and IT or OT security.
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials.
  • Experience successfully executing programs that meet the objectives of excellence in a dynamic business environment.
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
  • Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies.
  • Excellent written and verbal communication skills.
  • Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only "dotted line" reporting lines exist.
  • Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
  • Project management skills: financial/budget management, scheduling and resource management.

We offer

  • Private healthcare
  • Life insurance
  • Private pension plan
  • Relocation package
  • and more…
Join our Team!

Why you should work with us

Contact us
[email protected]