Senior Information Security Analyst

Ringier Axel Springer Polska operates in a complex environment with multiple business segments, hundreds of digital products, and regulations such as NIS2 and KSC. The company is experiencing a growing scale of AI applications and distributes information security responsibilities across many teams.

• 5+ years of experience in information security including independently leading implementation projects
• Strong knowledge of risk and incident management in organizational practice
• Project management skills: planning and stakeholder management
• Ability to combine regulatory (NIS2, KSC), technical, and business perspectives
• Persuasive communication skills to justify security decisions in business and operational terms
• English language proficiency at B2/C1 level

Nice to have:

• Lead Auditor ISO 27001 certification (as competence confirmation, not mandatory)
• Knowledge of NIST, CIS Critical Security Controls, AI Act
• Agile PM or PRINCE2 certification
• Technical knowledge: Active Directory/Entra ID, networks, cloud (AWS/Azure/GCP), CI/CD

• Design and implement end-to-end security management systems (ISMS, BCMS, AIMS) balancing regulatory requirements, operational realities, and business goals
• Define and develop risk and incident management methodologies appropriate to the organization's risk profile
• Act as an auditor by planning schedules and conducting audits of internal units focusing on real gaps and improvement opportunities beyond compliance
• Build a cybersecurity awareness strategy within the organization
• Participate in selecting security architecture (SOC & SIEM, tools, and services)
• Independently lead security initiatives from diagnosis through implementation and evaluation
• Advise product teams on security-related decisions, helping to consciously choose between risk, cost, and time
• Report security status to management in business-understandable language
• Support and develop less experienced team members