IDT Security Digital Journey Security Advisory

  • British American Tobacco
  • Warsaw
  • Employment contract
  • 12.11.2019


Experience level: Senior

• In-depth knowledge and practice with business strategies, objectives, challenges and ways of working across at least few business functional domains (Marketing, Operations, Corporate Services, Finance, R&D, New Generation Products) and geographical domains (Regions, Commercial Units, Factories)  

• In-depth knowledge and practical application of IT Security and IT risk management principles and concepts with experience in reviewing application / infrastructure security architecture and design  

• Strong working knowledge of methods and best practice in compliance / risk management /  IT Security with good understanding of the technical details of security threats and mitigating controls 

• Strong knowledge of development, design and project management methodologies and experience in reviewing application / infrastructure security architecture and design  

• Strong consulting and risk analysis skills, ability in problem solving, critical thinking and time management to drive balanced outcomes balancing business objectives with security risk and exposure,  

• Knowledge of development, design and project management methodologies with strong technical security background and broad experience in IT system and applications development and demonstrable ability to apply security controls to mitigate security risks in business solutions 

• Demonstrated experience translating the business impact of security risks into language that non-technical staff can understand 

• Knowledge of industry security, risk management and assessment methodologies and standards and applying them in a large enterprise environment - eg. ISO 27000 series, NIST, OWASP, PCI DSS; 

• Strong and technical skills and demonstrable experience in a least one discipline; e.g. Microsoft, Oracle, Cisco, SAP 

• Thorough understanding of current and emerging IT and security technologies, security threats and trends  

• Strong technical security background and broad experience in system and applications support 

• Ability to put business challenges against proposals, and to assess their long-term business value. 

• Experience of working in a complex geographical/functional matrix organization. 

• Excellent written and communication skills including experience with an executive audience 

• Education: Bachelor’s degree 

• Professional certification in IT and Security preferred – e.g. CISSP, CCSP, CSSLP, GSEC, SABSA, MCSE 

• 5 or more years of progressive IT Security, IT and architecture experience 

• Time to 100% productivity: 3 months 



Necessary on this position:
  • IT Security knowledge

Project you can join

technology solutions to Business and IT stakeholders, 

• Work with Programmes and Projects to provide advisory, design assurance and facilitating compliance with group’s IT security framework  

• Work with business and IT stakeholders to drive improvements in IT Security Risk position, Cyber Threats mitigation and compliance level, build understanding and advocacy network of IT Security discipline across the organization, 

• Work with architects and solution designers to incorporate appropriate security controls into end-to-end solutions 

• Provide consulting to projects during the analysis, design and build phases of projects, such that the solution designs being deployed meet minimum standards and are aligned to BAT strategy 

• Assess security adequacy of architecture & design of applications / infrastructure solutions  

• Participate in the development, maintenance and communication of overall enterprise IT security strategy and architecture 

• Build and maintain productive, collaborative relationships with stakeholders in IT and the business 

• Acting as an enterprise level consultant on all aspects of IT Security  


  • Laptop
  • PC
  • Additional monitor
  • Headphones
  • Personal container
  • Phone
  • Freedom to pick your tools

Work environment

  • Tech supervisor
  • Open space
  • Separate rooms
  • Dress code
  • Flexible working hours


  • Healthcare package
  • Healthcare package for families
  • Financial bonus
  • Equity
  • Cold beverages
  • Hot beverages
  • Fruits
  • Snacks
  • Lunches
  • Conferences
  • Trainings
  • Books
  • Car parking
  • Bicycle parking
  • Shower
  • Chill room
  • Playroom for children
  • Integration events

Contact this employer

British American Tobacco is a Data Controller ...