Information Security Senior Specialist

Information Security Senior Specialist

Place of work: Cracow 

Job purpose:

As an Information Security Specialist at Zurich, you will help protect our data, systems, and customers by implementing robust security measures and fostering a culture of security awareness. You’ll work collaboratively across the business to reduce risks and ensure compliance, supporting Zurich’s commitment to creating a brighter future together.

Key Accountabilities:

Technical Security Management:

• Deploy, monitor, and maintain security solutions as per Zurich group guidelines.  Conduct regular vulnerability assessments to identify and address risks.
• Assists local or regional projects to identify and align business and technical security requirements, design security controls and test their effectiveness ensuring the product implemented addresses both business and security needs.

Risk Assessment & Mitigation:

• Evaluate information security risks and recommend effective mitigation strategies. Support business in understanding and managing security risks.
• Work with colleagues across the IT function to ensure plans are aligned to functional Disaster Recovery and Business Continuity.
• Regular review of Business Impact Analysis for the center.
• Implement and monitor security controls.

Incident Response:

• Detect, analyze, and respond to security incidents. Lead or assist in incident investigations and conduct post-incident reviews.

Regulatory Compliance:

• Ensure ongoing compliance with relevant laws, regulations (e.g., GDPR), and Zurich’s internal policies.
• Support audits and provide documentation as required.

Security Awareness & Training:

• Deliver security awareness training and campaigns to employees. 
• Communicate security concepts in clear, accessible language raising engagement with end users in alignment with local requirements.

Continuous Improvement:

• Stay up to date with emerging threats, technologies, and best practices.
• Adapt security practices to evolve business and regulatory requirements.

Collaboration & Documentation:

• Work closely with IT teams, business within Zurich, and external partners. Document security processes and procedures for clarity and consistency.

Vulnerability Management:

• Experience identifying, assessing, prioritizing, and remediating security vulnerabilities in applications and operating systems.

Power Platform Experience:

• Hands-on experience with Microsoft PowerApps, Power Automate, and related Microsoft 365 tools.
• Become a member of global security communities.

Candidate’s profile:

• Bachelor’s degree (or equivalent) in IT or other related areas.
• 2 or more years of experience in related fields.
• Good knowledge of cybersecurity frameworks, tools, and best practices.
• Experience conducting risk assessments, vulnerability scans, and incident responses.
• Detect, investigate, and respond to security incidents as per group guidelines.
• Understanding of relevant legal, regulatory, and Zurich-specific requirements (e.g., GDPR, local data protection laws).
• Excellent communication skills—able to explain technical topics to non-technical audiences.
• Ability to work collaboratively and manage multiple priorities.
• Commitment to continuous learning and professional development.
• Good knowledge of Power Tools (specifically: Power Apps, Power Automate, Power BI).
• Knowledge of Service Now and Jira is a plus.

We offer:

• Real life opportunities to develop and grow with us and contribute to the world around us.
• Competitive salaries, language allowance and an employee benefits package that includes among others medical insurance, life insurance and sport-card.
• Annual bonus depending on company annual results and individual performance.
• Wide range of learning programs and personal development opportunities including also possibility to apply for up to 80% of educational trainings reimbursement.
• Referral awards.
• Online fitness trainings.
• Hybrid work.
• Nice and friendly atmosphere.

Who we are:

Zurich Insurance Group (Zurich) is a leading multi-line insurer serving people and businesses in more than 200 countries and territories. Founded 150 years ago, Zurich is transforming insurance. In addition to providing insurance protection, Zurich is increasingly offering prevention services such as those that promote wellbeing and enhance climate resilience. Reflecting its purpose to ‘create a brighter future together’, Zurich aspires to be one of the most responsible and impactful businesses in the world. It is targeting net-zero emissions by 2050 and has the highest-possible ESG rating from MSCI. In 2020, Zurich launched the Zurich Forest project to support reforestation and biodiversity restoration in Brazil. The Group has about 60,000 employees and is headquartered in Zurich, Switzerland. Zurich Insurance Group Ltd (ZURN), is listed on the SIX Swiss Exchange and has a level I American Depositary Receipt (ZURVY) program, which is traded over-the-counter on OTCQX. Further information is available at www.zurich.com.

In March 2016 we established a Shared Service Centre in Kraków, in Poland to support our global strategy. It is from this location that we have created a global shared service platform, focusing on advanced business functions such as financial accounting and reporting, planning and performance management, ICFR testing, financial systems management as well as HR integrated talent management operations.

This role is related to the key area of Zurich’s activity in Kraków. We are committed to complete the recruitment process as soon as possible, however in some occasions it may take up to 6 months and the requirements for the position may be subject to some clarification or modification during the recruitment process.