Galderma is the emerging pure-play dermatology category leader, present in approximately 90 countries. We deliver an innovative, science-based portfolio of premium flagship brands and services that span the full spectrum of the fast-growing dermatology market through Injectable Aesthetics, Dermatological Skincare and Therapeutic Dermatology. Since our foundation in 1981, we have dedicated our focus and passion to the human body's largest organ - the skin - meeting individual consumer and patient needs with superior outcomes in partnership with healthcare professionals. Because we understand that the skin we are in shapes our lives, we are advancing dermatology for every skin story.
We look for people who focus on getting results, embrace learning and bring a positive energy. They must combine initiative with a sense of teamwork and collaboration. Above all, they must be passionate about doing something meaningful for consumers, patients and the healthcare professionals we serve every day. We aim to empower each employee and promote their personal growth while ensuring business needs are met now and into the future. Across our company, we embrace diversity and respect the dignity, privacy and personal rights of every employee.
At Galderma, we actively give our teams reasons to believe in our bold ambition to become the leading dermatology company in the world. With us, you have the ultimate opportunity to gain new and challenging work experiences and create an unparalleled, direct impact.
Role title: IT Security Expert, Application & Data Security
Location: Cracow, Poland. Hybrid: 3 days/week onsite
This is a high-impact opportunity for an experienced IT Security professional to sit at the intersection of application security, data protection and third-party risk management.
You'll play a critical role in protecting enterprise systems and data by leading application and vendor security assessments, influencing risk decisions and partnering closely with technology, compliance and business stakeholders. The role offers strong exposure to senior leadership, complex environments and meaningful decision-making rather than box-ticking.
If you enjoy combining hands-on security assessment work with strategic thinking and stakeholder influence, this role offers both depth and visibility.
Key responsibilities
Conduct application and third-party (vendor) security assessments in line with internal policies and external regulatory requirements
Identify security risks, control gaps and improvement opportunities across applications, systems and vendors
Document findings clearly, including risks, recommended actions and compensating controls
Own the end-to-end assessment lifecycle within the Third-Party Risk Management (TPRM) framework from planning through to reporting and issue tracking
Collaborate with cross-functional teams to define assessment approaches and build effective vendor evaluation models
Provide expert guidance on complex security risk and compliance topics
Deliver high-quality risk assessment reports with actionable insights for stakeholders and senior leadership
Required qualifications & experience
Bachelor's degree in Information Security, Computer Science, Risk Management or a related field
8 years of overall experience in IT security, risk or compliance
Minimum 5 years of proven experience in application security, third-party risk management or related security assessment roles
3 years' experience with ServiceNow IRM and OneTrust IT and TPRM modules
Strong understanding of security controls, risk frameworks and compliance requirements
Experience working with multiple stakeholders across IT security and business functions
Excellent written and verbal communication skills with the ability to present complex risks clearly
What we offer in return:
You will be working for an organization that embraces diversity & inclusion and believes we will deliver better outcomes by reflecting the perspectives of our diverse customer base.
You will receive a competitive compensation package with bonus structure and extended benefit package.
You will be able to work in a hybrid work culture.
You will participate in feedback loops during which a personalized career path will be established.
You will be joining a growing company that believes in ownership from day one, where everyone is empowered to grow and to take on accountability.
Next Steps:
If your profile is a match, we will invite you for a first virtual conversation with the recruiter.
The next step is a virtual conversation with the hiring manager and other members of the team.
The final step is an in-person HR interview with the local HRBP.
Our people make a difference
At Galderma, you'll work with people who are like you. And people that are different. We value what every member of our team brings. Professionalism, collaboration and a friendly, supportive ethos is the perfect environment for people to thrive and excel in what they do.