IT Operations & Cybersecurity Specialist

Scandinavian Reach Technologies AS is hiring for an IT Operations & Cybersecurity Specialist role based in Poland with remote/home-based work by default and a shared office space available in Gdańsk. The company focuses on maintaining secure, reliable IT infrastructure and is progressing towards ISO 27001 certification.

Required:

• Solid working knowledge of IT infrastructure including Azure, internal systems, and system monitoring.
• Proficiency in Windows and Linux administration.
• Understanding of DNS, DHCP, VLANs, VPNs, and firewalls.
• Experience with Azure or comparable cloud platforms.
• Comfortable with ticketing systems and building SLA/uptime reporting for non-technical stakeholders.
• General awareness of IT security best practices with willingness to develop ISO 27001 and risk management skills.
• Ability to explain technical topics clearly to non-technical stakeholders.
• Genuine curiosity about cybersecurity/compliance and/or applied AI.
• 2+ years in IT operations, infrastructure, or support roles.

Preferred (Nice to Have):

• Exposure to ISO 27001, ISMS, or other compliance frameworks.
• Hands-on experience with AI-assisted tools in IT, development, or operations.
• Familiarity with ITIL/ITSM principles.
• Scripting/automation experience (Python, Bash, or similar).
• Experience in maritime, IoT, or OT-adjacent industries.

IT Operations & Service Visibility (Core):

• Ensure consistent monitoring of internal and field-deployed systems with timely incident detection, triage, and resolution.
• Oversee internal systems, Azure cloud services, and IT/IoT equipment deployed on customer vessels.
• Configure, monitor, and optimize Azure infrastructure for performance and cost-efficiency.
• Provide expert-level support for core platforms (Azure, Office 365, Atlassian Confluence, Salesforce) and act as a senior escalation point.
• Manage onboarding/offboarding, access control, and provisioning of equipment shipments.
• Develop, maintain, and test disaster recovery and business continuity plans.
• Own reporting and analysis of service ticket lifecycle, SLA adherence, breach trends, and uptime metrics.
• Act as the link between Customer Success and technical/DevOps teams, translating field signals into technical priorities.

Cybersecurity & ISO 27001 (Growth Track):

• Lead the path toward ISO 27001 certification including gap assessment, control implementation, documentation, and audit.
• Build and maintain a cybersecurity risk register; coordinate vulnerability assessments and track remediation.
• Own the company-wide security awareness program and report completion status to leadership.

Applied AI (Growth Track):

• Explore and apply AI-assisted approaches to IT operations such as monitoring, ticket triage, documentation, and automation.
• Act as a resource for colleagues adopting AI tools and share practical examples.
• Help establish guardrails for responsible AI tool use, especially regarding security and customer data.

Responsibility & Impact:

• Ensure stability, security, and availability of internal and customer-facing IT estate.
• Accountable for service ticket SLA reporting and uptime visibility.
• Identify and remove bottlenecks between field/customer-facing teams and technical organization.
• Carry out other reasonable management requests.

Scope for Impact / Authority:

• Enforce security policy and access control decisions.
• Escalate activities introducing material security or compliance risk.
• Propose and adjust service ticket SLAs and escalation paths.
• Build and maintain cross-functional relationships to meet security, quality, and uptime goals.
• Drive continuous improvement of IT operations, security, and AI adoption.

Informujemy, że administratorem danych jest Scandinavian Reach Technologies AS (dalej jako "administrator"). Masz prawo do żądania dostępu do swoich danych osobowych, ich sprostowania, usunięcia lub ograniczenia przetwarzania, prawo do wniesienia sprzeciwu wobec przetwarzania, a także prawo do przenoszenia danych oraz wniesienia skargi do organu nadzorczego. Dane osobowe przetwarzane będą w celu realizacji procesu rekrutacji. Podanie danych w zakresie wynikającym z ustawy z dnia 26 czerwca 1974 r. Kodeks pracy jest obowiązkowe. W pozostałym zakresie podanie danych jest dobrowolne. Odmowa podania danych obowiązkowych może skutkować brakiem możliwości przeprowadzenia procesu rekrutacji. Administrator przetwarza dane obowiązkowe na podstawie ciążącego na nim obowiązku prawnego, zaś w zakresie danych dodatkowych podstawą przetwarzania jest zgoda. Dane osobowe będą przetwarzane do czasu zakończenia postępowania rekrutacyjnego i przez okres możliwości dochodzenia ewentualnych roszczeń, a w przypadku wyrażenia zgody na udział w przyszłych postępowaniach rekrutacyjnych - do czasu wycofania tej zgody. Zgoda na przetwarzanie danych osobowych może zostać wycofana w dowolnym momencie. Odbiorcą danych jest serwis Rocket Jobs oraz inne podmioty, którym powierzyliśmy przetwarzanie danych w związku z rekrutacją.