If you like change, change to us


We are an international mid-sized group with an appetite for innovation and approachable management, led by objectives and targets that give the opportunity for a wide range of empowerment. As a growth-oriented market leader, we invite you to join us on our journey from good to great!



The Risk, Compliance and Security Officer plays an integral part in the development, implementation and compliance of technical security across the enterprise. The officer is responsible for managing risks related to information security, physical security, business continuity planning, crisis management, privacy, and compliance. In addition, the officer ensures all staff members are trained on enterprise and governmental security requirements through awareness programs.


Key Responsibilities:

  • Design audits of computer systems to ensure secure operation and that data is protected from both internal and external attack
  • Ensure and monitor security compliance with industry and government rules and regulations
  • Assess systems to determine security status
  • Design and recommend security policies and procedures to implement
  • Ensure compliance with policies and procedures
  • Design training materials for computer security education and awareness programs
  • Assist with the development and implementation of information classification and control policies and procedures
  • Remain current with changes in the information resources security legislation and regulation
  • Develop, implement and maintain a regular Risk Assessment review of information systems
  • Conduct periodic reviews of information security policies, procedures, and compliance
  • Prepare reports of findings for review by Management
  • Assist various business units to implement and maintain information resources security
  • Conduct periodic audits of various applications and systems to ensure information security processes and procedures are effective
  • Develop and distribute reports that include findings and recommended remediation steps
  • Assist with the investigation, documentation, and response to all suspected information security events


Required skills and qualifications:

  • Bachelor of Science in Information Systems, computer science, business or related field or equivalent experience
  • 3+ years of experience administering and supporting information security, risk and compliance program(s)
  • Good network and computer analysis skills
  • Good knowledge of information security standards and frameworks (ISO 2700x, COBIT)
  • Knowledge of national and international compliance requirements and regulations
  • Basic knowledge of Data Protection regulations (EU-GDPR)
  • Ability to build and maintain good rapport with internal and external customers and handle situations with confidence, tact and resourcefulness
  • Project management skills
  • Communication skills
  • Fluent in English; additional German language skills would be an advantage
  • Flexibility and ability to react to dynamically changing environments



Contact for this position: Katharina Heldt 


NORMA Polska Sp. z o.o.
ul. Długa 2
42-436 Pilica, Poland