Group Cloud Security Officer (m/f/d)

KRUK S.A. is one of Europe's leading debt collection firms. The role involves making a real impact in information security, influencing security strategies, and working across borders to establish new standards in information security. The company promotes a strong security culture globally and is dedicated to an inclusive recruitment process focused on competencies and growth.

• Minimum 3 years of hands-on experience in cloud security with practical knowledge of Azure, Microsoft 365, and GCP security tools, ideally within a financial institution.
• Willingness to engage in IT security audits.
• Strong documentation skills and attention to detail.
• Fluent in English and Polish, with proficiency at B2 level or higher.
• Understanding of information security standards such as ISO27001.
• Familiarity with data protection laws and project management basics.
• Active approach towards managing risks.

Optional:

• University degree in IT, engineering, or related field.
• Certifications such as CISP, CISA, CISM.
• Awareness of ISO27001, DORA, PFSA (KNF) Security Guidelines, and other security standards.
• Knowledge of cloud computing best practices, especially with Microsoft Azure and Microsoft 365.
• Microsoft Azure and Google Cloud certifications.

• Define and monitor the cloud security management framework.
• Design and monitor group information security standards for various cloud platforms (Azure, GCP) to ensure uniform security across the Capital Group.
• Support the risk assessment process and drive compliance and risk mitigation strategies.
• Create and deliver straightforward security awareness training programs.
• Align the Security Policy with guidelines published by the Polish Financial Supervision Authority (KNF) for regulatory compliance.
• Keep up with industry best practices in IT security and apply them within the organization.
• Collaborate with the headquarters' Cybersecurity Team and Security Representatives from other countries for consistent information security.
• Review and provide feedback on security aspects of IT tools and business partnerships.
• Maintain direct communication with international security teams to ensure a united security effort.