Chief Information Security Officer - Solvd Poland, Warsaw

Listing Description

Solvd is a global IT services organization with 800+ professionals delivering software development, QA, and digital transformation solutions. Our distributed teams operate across 8 delivery centers, serving enterprise clients in fintech, healthcare, and logistics. Security and compliance are foundational to our client partnerships.

We seek a strategic Chief Information Security Officer (CISO) with 8+ years of leadership experience to design, implement, and manage our global security program. This role will ensure SOC 2 and ISO 27001 compliance, secure our software delivery lifecycle (SDLC), and safeguard client data across a distributed workforce.

Responsibilities:
  • Lead SOC 2 Type II audits and ISO 27001 certification processes, ensuring alignment with AICPA Trust Services Criteria and Annex A controls.
  • Develop policies for data privacy (GDPR, CCPA), secure coding, and third-party risk management.
  • Build a scalable security framework for 800+ engineers, QA teams, and DevOps pipelines.
  • Implement DevSecOps practices, including SAST/DAST tools, container security, and cloud posture management (AWS/Azure/GCP).
  • Conduct biannual risk assessments across global delivery centers and client-facing systems.
  • Mitigate threats like supply chain attacks, insider risks, and API vulnerabilities.
  • Manage a distributed team of security analysts, GRC specialists, and incident responders.
  • Foster a security-first culture through training programs and phishing simulations.
  • Oversee a 24/7 SOC, including log monitoring (SIEM), threat hunting, and breach containment.
  • Maintain disaster recovery plans with <2h RTO/RPO for critical systems.
  • Collaborate with sales/pre-sales teams to address security questionnaires and RFPs.
  • Audit third-party vendors (e.g., cloud providers, CI/CD tools) for compliance.

Mandatory Requirements:
  • 8+ years in information security leadership, preferably in IT services or SaaS.
  • Proven success in achieving SOC 2 and ISO 27001 certifications.
  • Expertise in securing global teams (1,000+ employees) and multi-cloud environments.
  • Technical proficiency.
  • Fluency in English.

Optional Requirements:
  • Secure SDLC frameworks (OWASP SAMM, BSIMM).
  • Infrastructure-as-code (Terraform) and Kubernetes security.
  • Compliance automation tools (Drata, Vanta, Tugboat Logic).
  • Certifications: CISSP, CISM, ISO 27001 Lead Auditor, or equivalent.

Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided
  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided


