# Cybersecurity Risk Specialist

> Uni Systems · Warsaw, Poland (Hybrid) · Full-time · Posted 2026-07-15

**Workplace:** hybrid

**Department:** Professional Services Practice

## Description

At Uni Systems, we are working towards turning digital visions into reality. We are continuously growing and we are looking for a professional Cybersecurity Risk Specialist to join our UniQue Warsaw team.

**What will you be bringing to the team?**

-   Ensure compliance with and provide legal advice and guidance on data privacy and data protection standards, laws and regulations
-   Identify and document compliance gaps
-   Conduct privacy impact assessments and develop, maintain, communicate and train upon the privacy policies, procedures
-   Enforce and advocate organisation’s data privacy and protection program
-   Ensure that data owners, holders, controllers, processors, subjects, internal or external partners and entities are informed about their data protection rights, obligations and responsibilities
-   Act as a key contact point to handle queries and complaints regarding data processing
-   Assist in designing, implementing, auditing and compliance testing activities in order to ensure cybersecurity and privacy compliance
-   Monitor audits and data protection related training activities
-   Cooperate and share information with authorities and professional groups
-   Contribute to the development of the organisation’s cybersecurity strategy, policy and procedures
-   Develop and propose staff awareness training to achieve compliance and foster a culture of data protection within the organization
-   Manage legal aspects of information security responsibilities and third-party relations

## Requirements

**What do you need to succeed in this position?**

-   Master’s degree + at least 9 years of relevant professional IT experience, including a minimum of 8 years of experience in projects in a similar position.
-   At least four of the following certifications are required. Alternatively, an internationally recognized equivalent certification to any of the below may be accepted, subject to validation.

1.  CISA (ISACA Certified Information Systems Auditor)
2.  CISM (ISACA Certified Information Security Manager)
3.  CRISC (ISACA Certified in Risk and Information Systems Control)
4.  CISSP (ISC2 Certified Information Systems Security Professional)
5.  CGRC (ISC2 Certified in Governance, Risk and Compliance)
6.  CSSLP (ISC2 Certified Secure Software Lifecycle Professional)
7.  CCSP (ISC2 Certified Cloud Security Professional)
8.  CISSP-ISSMP (ISC2 Certified Information Systems Security Management Professional)
9.  GSNA (GIAC Certified Systems and Network Auditor)
10.  GCCC (GIAC Certified Critical Controls)
11.  GIAC Certified ISO-27000 Specialist
12.  ISO 27001 Lead Implementer or equivalent
13.  ISO 27001 Lead Auditor or equivalent
14.  ISO 27005 Risk Manager

-   Minimum 5 years of experience in cybersecurity GRC, with a clear focus on cybersecurity risk management.

-   Strong knowledge of cybersecurity laws, regulations, standards, methodologies, frameworks and policies, as well as legal, regulatory and compliance requirements, recommendations and best practices, including privacy impact assessment methodologies and frameworks
-   Comprehensive understanding of the business strategy, models and products, with the ability to factor legal, regulatory and standards requirements into business decisions.
-   Ability to apply data protection and privacy practices in the implementation of organizational processes, finance and business strategy.
-   Capability to lead the development of cybersecurity and privacy policies and procedures that support business needs and legal requirements, ensuring their acceptance, understanding, implementation and communication among relevant stakeholders.
-   Experience conducting, monitoring and reviewing privacy impact assessments using recognized standards, frameworks, methodologies and tools.
-   Ability to explain and communicate data protection and privacy topics to stakeholders and users.
-   Understanding of, and adherence to, ethical requirements and professional standards.
-   Capability to assess the implications of changes to the legal framework on the organization's cybersecurity and data protection strategy and policies.
-   Proven experience in designing or operationalizing a cyber risk management framework.
-   Hands-on experience using ServiceNow GRC (IRM, Risk, Policy and Compliance modules).
-   Demonstrated experience maintaining and managing a cybersecurity risk register.
-   Experience integrating risk management with vulnerability management, incident management, cloud risk and third-party risk.
-   Experience contributing to cybersecurity maturity improvement programmes.

-   English proficiency at C1 level

At Uni Systems, we are providing equal employment opportunities and banning any form of discrimination on grounds of gender, religion, race, color, nationality, disability, social class, political beliefs, age, marital status, sexual orientation or any other characteristics. Take a look at our [Diversity, Equality & Inclusion Policy](https://www.unisystems.com/sites/default/files/2023-05/Diversity%2C%20Equality%20and%20Inclusion%20Policy.pdf) for more information.

## Apply

[Apply at Uni Systems](https://apply.workable.com/uni-systems/j/AAB4C97441/apply)

---
Powered by [Workable](https://www.workable.com)
