About the project

• The GCIO Chief Control Office (CCO) team plays an important role in enabling the bank to operate within its risk appetite by ensuring efficient and effective risk and control management. We do this by providing operational risk and control expertise, specialist technical knowledge and a deep understanding of the businesses and functions we serve.
• Key activities include implementation and oversight of the Group’s Risk Management Framework, ongoing and targeted controls assessments, implementing and maintaining robust risk governance, and championing a proactive risk culture. GCIO CCO works closely with partners across all lines of defence and is responsible for maintaining positive relationships with our regulators and external partners.

Your responsibilities

• Act as a trusted advisor to senior management, overseeing the operational risk and control portfolio for Identity and Access Management (IDAM) services.
• Promote data-driven, accountable decision-making and challenge inefficient or excessive controls.
• Provide specialist insights to improve the control environment across key IDAM areas such as Joiners, Movers, Leavers (JML), Access Recertification, Segregation of Duties, MFA, and Privileged Access Management.
• Design and implement practical, effective, and commercially viable risk controls.
• Identify trends and anticipate future developments in the cyber risk and control landscape.
• Influence the development and implementation of future-fit risk management and regulatory frameworks.
• Deliver clear, evidence-based updates to senior management on operational risk and control changes.
• Collaborate globally across regions to maintain a strong and consistent cyber risk profile.

Our requirements

• At least 5 years of hands-on experience in cyber risk control, particularly in IDAM domains such as JML, Access Recertification, SoD, MFA, and PAM.
• Strong expertise in operational, non-financial, and information security risk management.
• Experience across IT, Cybersecurity, Risk Management, Operations, or Audit functions.
• Proven ability to influence and challenge stakeholders at all levels.
• Strong communication skills, with the ability to present complex issues clearly to non-technical audiences.
• Demonstrated leadership experience, including remote team management.
• Relevant certifications (e.g., CISA, CISSP, CRISC, CCSP) are a plus.
• Ability to work independently, prioritize effectively, and adapt in a fast-paced, regulated environment.

Technologies we use

What we offer

• Competitive salary.

• Annual performance-based bonus.

• Additional bonuses for recognition awards.

• Multisport card.

• Private medical care.

• Life insurance.

• One-time reimbursement of home office set-up (up to 800 PLN).

• Corporate parties & events.

• CSR initiatives.

• Nursery discounts.

• Financial support with trainings and education.

• Social fund.

• Flexible working hours.

• Free parking.