Cyber Security Policy & Procedure Specialist (f/m) is a role supporting an offshore wind project within a regulated, critical infrastructure environment.
The position is responsible for developing and maintaining cyber security policies and procedures across IT and OT, ensuring full alignment with NIS2 and European as well as Polish regulatory requirements. The role plays a key part in translating legal and regulatory obligations into practical, auditable security governance for a large-scale offshore wind project.
remote + visits in Warsaw office (2-3 per month)
B2B contract
Responsibilities
- Ensuring alignment of IT and OT cybersecurity governance, including defined roles, responsibilities, and escalation paths
- Defining security interfaces and responsibility boundaries between asset owners/operators, the TSO, external stakeholders, vendors, service providers, and system integrators
- Translating regulatory and legal requirements into practical, auditable cybersecurity governance documentation
- Ensuring traceability between legal and regulatory requirements, security policies, and implemented controls
- Supporting vendor contracting processes related to Service Agreements in the areas of Cyber Security, IT, and OT
- Working independently and interfacing with legal, IT, OT, and operational stakeholders
Security – Scope of Work
- Design, structuring, and crafting of cyber security policies and procedures
- Development of policies and procedures for the Corporate IT environment
Key Deliverables
- Supporting Baltic Power with the formalization and implementation of cyber security governance documentation
- Developing policies and procedures that are aligned with European Union Directives and standards, as well as Polish regulatory requirements
Requirements
- Proven experience delivering cyber security policies and procedures in regulated environments
- Hands-on experience with NIS2 and European critical infrastructure regulation
- Familiarity with Polish cyber security legislation and regulatory expectations
- Strong understanding of IT and OT cyber security, including industrial control systems (ICS)
We kindly inform you that only shortlisted candidates will be contacted. Please submit your CV in English.