At Uni Systems, we are working towards turning digital visions into reality. We are continuously growing and we are looking for a professional Cybersecurity Risk Manager to join our UniQue Warsaw team.
What will you be bringing to the team?
- Develop and maintain the organisation's cybersecurity risk management strategy.
- Manage and maintain the inventory of organisational assets.
- Identify and assess cybersecurity threats and vulnerabilities affecting ICT systems.
- Analyse the threat landscape, including attacker profiles, threat actors, attack techniques, and potential impacts.
- Assess cybersecurity risks and recommend appropriate risk treatment options, including mitigation, avoidance, transfer, and acceptance strategies.
- Define and recommend security controls aligned with organisational objectives and risk appetite.
- Monitor the effectiveness of implemented cybersecurity controls and associated risk levels.
- Ensure cybersecurity risks affecting organisational assets remain within acceptable levels.
- Develop, maintain, communicate, and report on the complete cybersecurity risk management lifecycle.
Requirements
What do you need to succeed in this position?
- Master Degree + at least 9 years of relevant professional experience in Information Technology and at least 6 years of experience in cybersecurity risk management or a comparable information security role.
Minimum (4) of the following certifications, or internationally recognized equivalents:
- CISSP – Certified Information Systems Security Professional
- CISA – Certified Information Systems Auditor
- CISM – Certified Information Security Manager
- GSNA – GIAC Certified Systems and Network Auditor
- GCCC – GIAC Certified Critical Controls Certification
- ISO 27001 Lead Implementer
- ISO 27001 Lead Auditor
- ISO 27005 Risk Manager
- CAP – Certified Authorization Professional
- CRISC – Certified in Risk and Information Systems Control
- CISSP-ISSMP – Information Systems Security Management Professional
- GIAC Certified ISO-27000 Specialist
- Demonstrate knowledge and experience in conducting cybersecurity risk assessments and analyses to identify threats, classify assets, evaluate vulnerabilities, and define appropriate controls.
- Implement cybersecurity risk management frameworks, methodologies, standards, and guidelines, ensuring alignment with industry best practices.
- Support risk-informed decision-making for business owners, executives, and stakeholders.
- Promote awareness, adherence, and a risk-aware culture across the organization.
- Apply recognized risk management frameworks, methodologies, tools, and standards.
- Understand cyber threat landscapes, threat taxonomies, and vulnerability repositories.
- Evaluate risk treatment strategies, including risk mitigation, avoidance, transfer, and sharing options.
- Design, assess, monitor, and test the effectiveness of technical and organisational security controls.
- Analyse and consolidate organisational risk and quality management practices.
- Prepare and deliver reports, presentations, and recommendations to technical and managerial stakeholders.
- Conduct Business Impact Assessments (BIA).
- Implement risk assessment processes using ServiceNow GRC.
- Prepare personal data protection and privacy documentation.
- Use graphical and programmatic threat modelling techniques, including within DevOps environments.
- Design and implement Zero Trust Architecture principles.
- Apply Secure Software Development Lifecycle (Secure SDLC) practices.
- Design security controls for protecting Directory Services environments
- English proficiency at Level C1 or higher.
At Uni Systems, we are providing equal employment opportunities and banning any form of discrimination on grounds of gender, religion, race, color, nationality, disability, social class, political beliefs, age, marital status, sexual orientation or any other characteristics. Take a look at our Diversity, Equality & Inclusion Policy for more information.