Leader | Council & Board Member | IT & Security Manager | GRC & Audit Manager | Coach & Trainer
MBA Program Director | IT Management Academy Director | AZIT Professor & Lecturer
My other profiles:
ORCID Nauka Polska ResearchGate LinkedIn
mBank S.A.
Senior Security Manager
June 2022 - June 2023
– cyber risk process management and threat modeling (managing the cyber risk methodology and model, executing ICT risk assessments, defining mitigation measures and preparing / implementing security plans);
– vulnerability management (scans and patching process management);
– IT security standards management: preparation, verification and compliance checks of security procedures, processes and guidelines based on PL/EU regulations for security of ICT systems including those processing bank's classified information, taking into account international frameworks and best practices, including: ISF, NIST, CSA, ISO, ISACA, IIA, CObIT;
– Information Security process management (ISMS based on ISO27001);
– supervising security / compliance audits;
– monitoring implementation of security recommendations;
– monitoring changes in law and regulations;
– cooperation with IT departments in IT solutions implementation;
– cooperation within the international capital group (Commerzbank risk and security departments) in the areas of risk management, security standards and IT solutions;
– planning and managing the budget for security standards, risk management, vulnerability management and the outsourcing contract;
– contract management (security areas).
IT Security Expert
October 2020 - July 2021
I was responsible for:
– architecting (developing and updating) IT security standards, taking into account legal regulations, as well as specialist standards and best practices, including: CObIT, ISF, NIST, CSA, ISO, ISACA, IIA;
– managing the process of granting exceptions from security standards;
– supervising security/compliance audits (i.e. cloud computing providers);
– monitoring implementation of security recommendations;
– monitoring changes in law and regulations;
– cooperation within the capital group;
– administering the GRC system (standard and exception management module).
English, professional proficiency
Polish, native language
Professional Honors & Awards: