let’s make something together

Give us a call or drop by anytime, we endeavour to answer all enquiries within 24 hours on business days.

Find us

PO Box 16122 Collins Street West
Victoria 8007 Australia

Email us


Phone support

Phone: + (066) 0760 0260
+ (057) 0760 0560

(Cybersecurity Risk and Control Strategy) Chief of Staff CRCS and Cybersecurity Poland

  • By Sylwia Lupa
  • 6 October 2021

The candidate will join one of the largest banking institutions in the world.

The Chief of Staff CRCS and Cybersecurity Poland is a key role within both the Global Cybersecurity Risk and Controls Strategy (CRCS) team and the local entity management structures for the Cybersecurity Function in Poland. The role reports directly to the Global Head of CRCS and Head of Poland Cybersecurity Practice. Role holder will as well act as the Chief of Staff across the dual remit.

The role holder will be part of Cybersecurity Leadership team in Poland as well as a member of the Global CRCS Leadership team. As such the role holder must have relevant management and leadership experience, strong stakeholder management and communication skills, and the ability to adapt and grow both the local as well as the global team.

Cybersecurity Risk &Controls Strategy is responsible for:

  • End to End Cybersecurity Control Design
  • Continuous Controls Monitoring
  • Cybersecurity MI Reporting
  • Cybersecurity Risk Quantification (CRQ)
  • Driving consistent control implementation by GB/GF and geographically
  • Aligning Cybersecurity controls strategy with wider Resilience and Technology strategy requirements

Cybersecurity Poland is a hub for Global Cybersecurity functions servicing all company’s locations, Businesses
and Functions.

Key Accountabilities:

  • Managing CRCS governance and reports to Group CISO, Group CIO and wider CRCS stakeholders
  • Coordinating, consolidating and streamlining CRCS information flow with Global Businesses, Functions and Geographies, working closely with the new CRCS Business Engagement Leads
  • Driving strategic initiatives
  • Leading ad hoc programmes
  • Entity Manager for Cybersecurity Functions based in Poland: Cybersecurity Business Enablement, Cybersecurity Assurance and Testing, Cybersecurity Sciences and Advanced Analytics, Strategy Program & Execution, and Cybersecurity Research & Offensive Security,
  • The role holder will be responsible for local entity managerial activities as well as connecting with global cybersecurity function heads to ensure alignment and adequate level of tasking, progress and development
  • Managing Recruitment flow for all Cybersecurity teams in Poland including (in addition to the above), Cybersecurity Operations, Cybersecurity Engineering and Cybersecurity Risk and Controls Strategy
  • Onboarding and off-boarding resources
  • Finance management for the department
  • Site / Office management for the department
  • Interaction and relationship building with local Universities
  • Poland Industry Forums representative

Specific Requirements:

Risk &Control Background

  • Detailed knowledge about risk management practices, including control design, monitoring and metrics reporting
  • Knowledge of NIST framework will be highly beneficial

Leadership and Management Experience

  • Strong experience managing and leading diverse, highly skilled teams
  • Experience with mentoring, coaching, performance management and talent management best practices.
  • Experience within fast-moving, complex and demanding corporate environments with a need to multi-task whilst dealing with ambiguity and change
  • Experience in building and recruiting highly specialized teams

Financial experience

  • Experience in managing departmental budgets
  • Experience in dealing with expenses, 3rd parties, vendors, consultancy firms and contractors

Governance background

  • Ability to translate difficult concepts into simple messages for different types of audiences
  • Experience in chairing and managing governance forums
  • Experience in providing materials to senior executives, boards and regulators

Strong stakeholder management and communications skills

  • Experience of working at an operational level in international environments which drive a true international
  • Strong experience in technical writing and report authoring. Demonstrated thought leadership in building reports that meet stakeholder needs.
  • Experience on developing creative and engaging social media strategies. Plus experience on creating engaging multimedia content (and/or outsource this effectively) across multiple platforms
  • Experience in managing large networks of stakeholders at various levels of seniority

They offer:

  • Contact with top IT technologies available in the market.
  • Employees’ benefits: Multisport Card, private medical and dental health care, life insurance,
  • Free parking space for their employees – few minutes from the office,
  • Internal training events and workshops,
  • Realistic career progression opportunities in an international organization,
  • Casual dress code,
  • Cultural exchange,
  • Remote work possible after Covid-19 (up to individual discussion with hiring manager)

Note: Prepare your CV in English (PDF), fill in the form, and apply! 🙂
Please include in your CV the following clause necessary for the recruitment process:

I agree to the processing of personal data that I have made available voluntarily in the recruitment process by the Administrator of personal data, i.e. Dotcommunity Spółka z ograniczoną odpowiedzialnością [Ltd.] based in Cracow, 15 Żabiniec Street, 31-215 Cracow, registered in Poland, the Cracow’s District Court – Śródmieście, XI Commercial Division of the National Court Register under number 0000468484, VAT number: 9452174499, (“Dotcommunity”) in order to carry out the recruitment process for the (Cybersecurity Risk and Control Strategy) Chief of Staff CRCS and Cybersecurity Poland position on the basis of Art.6 item 1a of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).