




Title:  Information Security Compliance Manager

Job ID:  21781
Country:  Poland
City:  Warsaw
Professional area:  Information Technology
Contract type:  Permanent
Professional level:  Experienced

JTI is a leading international tobacco company with operations in more than 120 countries. We’re the global owner of world-renowned brands such as Winston, the number two cigarette brand in the world, and Camel (outside the US). Our global brands also include Mevius, LD and Natural American Spirit, and we manufacture the internationally recognized Logic e-cigarette brand and Ploom Tech, a major brand in the heated tobacco category. 
Headquartered in Geneva, Switzerland, we employ over 40’000 people across the globe. We were recently awarded Global Top Employer for the fourth consecutive year with regional Top Employer Certification in Europe #1, Asia #1, North America #1, Africa #2 and Middle East #3. This is recognition of our outstanding talent strategy, energizing culture and commitment to learning and development. 
We are a member of the Japan Tobacco Group of Companies. For more information visit  


An experienced, enthusiastic and results-oriented IT professional is needed for the role of


Information Security Compliance Manager

Based in Warsaw, Poland


This is a global IT position responsible for ensuring that IT controls and other measures implemented to mitigate information security risks are operating effectively, and that risk is appropriately addressed in line with company policies.

This position is responsible for evaluating Risk Acceptances and helping to improve the overall IT risk posture of JTI globally as a key member of the Information Security Team, working directly with technical and business leadership teams across the organization to ensure security and compliance requirements are maintained.


Our offer includes


  • Competitive pay and an attractive benefits package including medical care, Multisport card, life insurance, pension plan, company products.
  • Work within a truly global team, professional support and possibility to share knowledge and best practices internationally.
  • Individual development opportunities, with in-house, external and abroad training that will inspire you to grow professionally and personally.
  • Wide variety of projects and tasks, ambitious goals and independence in achieving them.
  • Dynamic and innovative spirit with a constant quest to do things better.


Key responsibilities


  • Ensure compliance with Information Security standards/data regulations, including identifying gaps in IT compliance areas and the overall security environment.
  • Test IT controls frameworks and look for automation/outsourcing/efficiency opportunities to ensure the cost of control balances with the level of risk.
  • Coordinate audit-related tasks to ensure the readiness of IT managers and their teams for audit testing and facilitate the timely resolution of audit findings.
  • Provide support to internal and external audit for audits, including JSOX. Manage the audit database of recommendations.
  • Follow up on the investigation in the event of a security incident.
  • Design and build a framework to measure third party compliance to key JTI controls and a process for the remediation of identified gaps.
  • Provide a facilitation role during acquisition/expansion/new business model projects to introduce security controls that mitigate potential risks.


Main requirements


  • Strong working expertise with Information Security, Compliance & IT Management Standards; ISO27001, PCI-DSS, JSOX, COBIT & ITIL.
  • Solid experience in supporting security controls, compliance and audit activity within a global organization with multiple technologies and architectures: Windows, Unix/Linux, SAP, Oracle, SQL, Citrix.
  • Standard certifications in Information Security or Compliance (CISSP, CISA, CISM, ISA). Former PCI experience would be a plus.
  • Proficiency in performing IT risk, business impact, control, and vulnerability assessments.
  • Practical experience in developing, documenting, and maintaining security policies, processes, procedures, and standards.
  • Intermediate proficiency with Microsoft Office software (including MS Visio and SharePoint) as well as strong understanding of business applications, including ERP and financial systems.
  • Working knowledge of the JTI organization and internal IT processes will be a plus.
  • Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
  • Self-starter and a team-player with the ability to translate complex technical terms into business language.
  • Strong project management, time management and organization skills.
  • Advanced written and verbal communication skills.
  • Advanced English is a must (used on a daily basis in international environment).
  • Frequent travelling is required to support compliance activity across multiple locations (1-2 per month).



Job Segment: Information Security, Compliance, Information Technology, IT Manager, Technology, Security, Legal
