
Whether it's the unique breadth of our integrated offering, which covers Injectable Aesthetics, Dermatological Skincare and Therapeutic Dermatology products, or our commitment to recognizing and rewarding people for the contribution they make, working here isn't like anywhere else.
At Galderma, we actively give our teams reasons to believe in our ambition to become the leading dermatology company in the world. With us, you have the ultimate opportunity to gain new and challenging work experiences and create an unparalleled, direct impact.
Role title: IT Security Expert – Application & Data Security
Location: Cracow, Poland – Hybrid: 3 days/week onsite
This is a high-impact opportunity for an experienced IT Security professional to sit at the intersection of application security, data protection, and third-party risk management.
You’ll play a critical role in protecting enterprise systems and data by leading application and vendor security assessments, influencing risk decisions, and partnering closely with technology, compliance, and business stakeholders. The role offers strong exposure to senior leadership, complex environments, and meaningful decision-making rather than box-ticking.
If you enjoy combining hands-on security assessment work with strategic thinking and stakeholder influence, this role offers both depth and visibility.
Key responsibilities
Conduct application and third-party (vendor) security assessments in line with internal policies and external regulatory requirements
Identify security risks, control gaps, and improvement opportunities across applications, systems, and vendors
Document findings clearly, including risks, recommended actions, and compensating controls
Own the end-to-end assessment lifecycle within the Third-Party Risk Management (TPRM) framework, from planning through to reporting and issue tracking
Collaborate with cross-functional teams to define assessment approaches and build effective vendor evaluation models
Provide expert guidance on complex security, risk, and compliance topics
Deliver high-quality risk assessment reports with actionable insights for stakeholders and senior leadership
Required qualifications & experience
Bachelor’s degree in Information Security, Computer Science, Risk Management, or a related field
8+ years of overall experience in IT security, risk, or compliance
Minimum 5+ years of proven experience in application security, third-party risk management, or related security assessment roles
3+ years’ experience with ServiceNow IRM and OneTrust IT and TPRM modules
Strong understanding of security controls, risk frameworks, and compliance requirements
Experience working with multiple stakeholders across IT, security, and business functions
Excellent written and verbal communication skills, with the ability to present complex risks clearly
What we offer in return:
You will be working for an organization that embraces diversity & inclusion and believes we will deliver better outcomes by reflecting the perspectives of our diverse customer base.
You will receive a competitive compensation package with bonus structure and extended benefit package.
You will be able to work in a hybrid work culture.
You will participate in feedback loops, during which a personalized career path will be established.
You will be joining a growing company that believes in ownership from day one where everyone is empowered to grow and to take on accountability.
Next Steps:
If your profile is a match, we will invite you for a first virtual conversation with the recruiter.
The next step is a virtual conversation with the hiring manager and other members of the team.
The final step is an in-person HR interview with the local HRBP.
Our people make a difference
At Galderma, you’ll work with people who are like you. And people that are different. We value what every member of our team brings. Professionalism, collaboration, and a friendly, supportive ethos make the perfect environment for people to thrive and excel in what they do.

Galderma is the leading company solely dedicated to skin and advancing the future of dermatology.
We deliver an innovative, science-based portfolio of sophisticated brands and services across Injectable Aesthetics, Dermatological Skincare and Therapeutic Dermatology. Through trusted partnerships with healthcare professionals, we ensure that individual consumer and patient needs are met with superior outcomes.