Head of Information Security

We are looking for an experienced Head of Information Security to lead and continuously strengthen our global security strategy, governance, and compliance programs.

Testronic works with highly confidential pre-release game and media content provided by some of the world’s leading entertainment companies. Protecting this data and maintaining the trust of our clients is critical. As Head of InfoSec, you will play a key role in ensuring that our security controls, policies, and operational processes remain robust, effective, and aligned with both regulatory and client requirements.

This role combines security strategy, governance, and operational oversight. You will own the company’s information security program, oversee ISO 27001 certification and security audits, and work closely with IT, business teams, and clients to ensure that security is embedded across all operations.

Key Responsibilities:

• Develop and maintain the company’s information security strategy and roadmap, continuously improving our security posture while supporting business and client needs.
• Own and maintain the ISO 27001 certification program, including internal and external audits and compliance activities.
• Ensure compliance with internal policies, GDPR, and client contractual security requirements across all locations.
• Act as the custodian of security policies and standards, ensuring alignment with ISO 27001 and evolving business needs.
• Oversee incident management, vulnerability management, and SIEM monitoring, ensuring effective processes and controls are in place.
• Coordinate penetration testing, vulnerability remediation, and internal security assessments together with IT teams.
• Manage risk management processes, including maintaining risk registers and reporting to senior leadership.
• Support client security audits and assessments, providing transparency and assurance regarding our security environment.
• Act as a security advisor for internal projects, ensuring that security requirements are integrated into IT and business initiatives.
• Drive security awareness across the organization, supporting stakeholders in understanding and following security requirements.
• Maintain documentation and evidence required for compliance, audits, and reporting.
• Establish and track security KPIs and KRIs to monitor the effectiveness of the security program.

• Strong experience in information security, cybersecurity, or security governance, including leadership or ownership of security programs in global organizations.
• Proven experience owning and managing an ISO 27001 certification program and working with security audits.
• Strong understanding of security architecture and controls, including areas such as network security, SIEM monitoring, vulnerability management, and cloud security.
• Solid knowledge of modern cyber threats, hacking techniques, and data exfiltration risks, and how to mitigate them.
• Experience managing security compliance frameworks, risk management processes, and security governance programs.
• Ability to balance security requirements with business needs in a fast-moving and client-focused environment.
• Strong stakeholder management and communication skills, including the ability to work with both technical and non-technical teams.

Education & Certifications

• University degree in Cybersecurity, Information Technology, or a related field.
• Relevant certifications such as CISSP, CISM, CEH, or similar.
• Audit-related certifications such as ISO 27001 Lead Auditor or CIA are a plus.

• Full-time contract.  
• Hybrid work model (Warsaw).
• Medical healthcare and Multisport card.
• Stable employment and professional growth in an international environment.  
• Opportunity to shape and further develop the company’s global information security program.
• Friendly and open-minded teams.