Senior IT Analyst, Data Platform SecurityThe job can be based in Poland or Portugal.We are looking for a Senior IT Security Analyst - Data & AI Platform to join our group of IT experts that manage a broad portfolio of systems, tools, and technologies that serve the Data & AI Platform for the entire enterprise.Our team is responsible for centrally building, evolving, and operating the global Data & AI Platform for the rest of PMI teams that develop data products, analytical solutions, and AI‐driven applications on top of it.The Senior IT Security Analyst - Data & AI Platform will strengthen the existing Security team by acting as a 1st Line of Defense representative for information security. The role ensures that PMI's Data & AI Platform is deployed and operated securely, effectively bridging the speed and agility of Product teams (Architecture, Engineering, Support) with strict adherence to enterprise policies and standards governed by 2nd Line of Defense functions (Information Security, Privacy, Legal).QualificationsUniversity degree, preferably in Computer Science, Information Security, Cybersecurity, Engineering, or a related fieldMinimum of 5 years of experience in information security, IT risk management, or IT audit within a large organization. Industry certifications such as CISSP, CISA, or CISM are an advantageDemonstrated knowledge and practical implementation experience with global AI security standards, regulations, and frameworks (e.g., ISO/IEC 27090, EU AI Act, OWASP AI Exchange)Experience supporting and securing AI/ML platforms built on a modern technology stack, spanning model development and hosting (e.g., Amazon SageMaker), foundation model consumption (e.g., Amazon Bedrock), LLM orchestration (e.g., LiteLLM), observability and evaluation (e.g., LangSmith), automation workflows (e.g., n8n), and third‐party AI services and enrichment tools (e.g., Tavily, Nova Lite)Proven experience defining and operationalizing secure shared‐responsibility models for AI/ML platforms and product teams consuming them, ensuring security and compliance are enforced by default through platform‐level and product‐level controls (e.g., model and agent access restrictions, data boundary enforcement, secure prompt and output handling, model lifecycle governance, and human‐in‐the‐loop controls)A solid understanding of data platform concepts (e.g., data warehouse, data lake, lakehouse, data mesh), architectural differences (e.g., centralized vs. decentralized data ownership, batch vs. streaming pipelines, cloud‐native vs. on‐premise platforms), together with their security implications (e.g., access control models, data lineage and auditability, encryption, data classification)A general understanding of internationally recognized frameworks and standards (e.g., ISO 27001, SOC 2) and regulatory requirements (e.g., SOX, GDPR) relevant to information security, privacy, and data protectionA problem solver with excellent organizational skillsA disciplined and autonomous individual in handling demands within a constantly changing environment and working closely to deliver committed resultsBe courageous and determined to get things done through others, able to persuade them into executing on your request, tracking timelines, and escalating if necessaryStrong presentation, verbal, and written communication skills in English with the ability to articulate complex ideas in easy‐to‐understand business terms to all levels of the organizationThe ability to effectively manage multiple stakeholders and competing priorities with high attention to detailResponsibilitiesAct as the designated security single point of contact for one or more Product Teams, supporting a portfolio of tools, technologies, and platform capabilities within the PMI Data & AI Platform, and serving as an embedded 1st Line of Defense representative supporting day‐to‐day product delivery while ensuring security and compliance with company policies and standardsSupport initiatives delivering new systems or evolving existing ones by performing hands‐on security reviews across the delivery lifecycle, including stage‐gate reviews such as Third‐Party Due Diligence, Vendor Contract Reviews, Solution Outline Reviews, Threat Modeling, Migration Plan Reviews, Access Model Implementation Reviews, System Integration Reviews, and security testing activities (e.g., SAST, DAST, penetration testing)Drive adherence to business‐as‐usual security processes across Product Teams (e.g., patch management, vulnerability management, and IT resilience)Be accountable for timely remediation of security risks, findings, and vulnerabilitiesDesign and build security observability capabilities, in close collaboration with Site Reliability Engineering teams, to enable active monitoring, reporting, and governance of key security metrics for systems across the Data & AI PlatformContinuously improve security processes and ways of working across the Data & AI Platform, reducing friction and bottlenecks by leveraging AI and automation to deliver measurable efficiency gains (e.g., faster throughput, improved consistency, reduced handoffs, and recovered engineering capacity)Support the execution of key enterprise Information Security programs for systems under the Data & AI Platform scopePartner closely with 2nd Line of Defense functions (e.g., Information Security, Privacy, Legal) to ensure the Data & AI Platform remains compliant with applicable policies, standards, and regulatory expectationsBenefits by Location Important note: The benefits list depends on where the selected candidate will be hired: in Poland or in Portugal.Poland BenefitsSalary at least PLN 17,600 gross per monthPrivate medical and dental care, life insuranceHybrid model of work and flexible working arrangements (40% of office work and 60% of home office per month)Employee pension planLunch card, Multisport & Cafeteria programWide range of trainings, language learning platform, further education and professional qualification support possibilityFree bike and car parking for all employeesPortugal BenefitsPermanent local contract with a competitive salary together with Tabaqueira's employee benefitsLife and Health insuranceEmployee Pension PlanHybrid working model (or fully remote)Growing opportunities within the Company, both at national and international levelVery diverse and international work environmentWide range of trainings and further education and professional qualification support possibilityEqual Opportunity Statement At PMI we run the business in line with ethical principles and encourage SpeakUp culture. We care for equal chances and fair treatment. If you find anything that violates these principles in this job offer or the recruitment process, you may contact our Ethics and Compliance Team at PMIEthicsandCompliance@pmi.com. Read more about Ethics and Compliance at PMI - here.#J-18808-Ljbffr