Grzegorz Mastalerz

Responsible for providing leadership, guidance, and expertise across a EMEA Resiliency Services. This includes work coordination, guidance in issue resolution, and promoting team skills, provides sound problem-solving techniques, and facilitates process execution, ensures auditability is maintained, implements plans to solution exposures, promotes improvements within the assigned process area and utilizes the agile methodology. Also responsible for audit readiness, business controls and compliance within the Resiliency Services. Ensures audit readiness and compliance to contractual requirements, IBM and client security documents, global process documents,and security self-assessment workbooks with particular focus on process control points, execution of primary controls, and artifact creation and retention. Acts as a delivery focal for auditors, security asset and risk management audit & compliance practitioners.

Be responsible for delivering “end 2 end“ Security Services defined in the Contract / DOU / CSD (Customer Security Document).
Act as a focal point to account management and delivery teams for all operational security related activities.
Report to the Delivery Project Executive or Service Management security contact and provide objective, informed and impartial guidance that balances the needs of the customer and IBM.
Establish, maintain and oversee effective working relationships, either directly or in partnership with Service Management, for all IBM and Third Party teams providing security support on the account.
Serve as a dedicated focal point for managing security incidents that occur in the customer's environment and provide appropriate SME advice to help resolve matters.
Provide informal security reviews for IBM delivered processes or architectures to ensure that security contractual requirements are delivered.
Maintain and enhance effective working relationships with the customer by regularly holding meetings, by understanding the customer’s security requirements and by promptly responding to customer requests/queries/problems.
Understand differences between Customer security policies, processes and IBM standards.
Analyze contract statement and customer Information Security Policy.
Create High and Low level plan for Customer Security Document (CSD) and Technical Specifications development.
Develop CSD Main Body with alignment to customer contract and internal security policy to meet customer's/IBM objectives.
Develop Technical Specifications for all systems/appliances/subsystems.
Finalize IBM Security Policy document with customer and release it for production on steady-state account.

Leading and driving team of security, compliance in risks specialists towards customer's success and contract fulfillment.
Being accountable for delivering “end 2 end” Security Services defined in the Contract.
Managing basic implementations of the Customer Security document.
Supporting the technical solution teams with sizing security policy documents and/or any other customer security requirements.
Driving and managing internal and external security/compliance/risk audits.
Acting as a focal point to account management and delivery teams for all operational security related activities.
Establishing, maintaining and overseeing effective working relationships for all IBM and Third Party teams providing security support on the account.
Serving as a dedicated focal point for managing security incidents that occur in the customer's environment and providing appropriate SME advice to help resolve matters.
Providing security consultancy, management and security focus to the account’s management team through the direction and provision of advice, guidance, strategic planning and project management.
Giving directions and being a functional manager for security, compliance and risk teams.

Close cooperation with upper management in compliance and security issues raised.
Lead in any activity concerning security, compliance, audit checks.
All activities from roles Security & Risk Manager and Security Policy Focal Point for GL customer remains active.

Focal Point and customer interface on matters of security and security related.
Maintain communication with customer counter parts.
Secure overall account business and security compliance.
Risk identification and assessment.
Exception management.
Communicate risk and compliance issues to upper management level
Lead Risk mitigation and action plan implementation.
Cooperation on risk acceptance with customer.
Investigation of any shortcomings reported inside IBM or as reported by the customer.
Verification of the services provided (sampling, spot checks).
Lead IBM teams in any audit review (internal, external) driven on local or global level. Wide range (not only limited to security and compliance).
Security Policy management (local level).
Vulnerability management.
Represent account in compliance review calls
Projects participation and lead depends on project nature.

Focal Point and customer interface on matters of security and security related.
Maintain communication with customer counter parts.
Secure overall account business and security compliance.
Risk identification and assessment.
Exception management.
Communicate risk and compliance issues to upper management level
Lead Risk mitigation and action plan implementation.
Cooperation on risk acceptance with customer.
Investigation of any shortcomings reported inside IBM or as reported by the customer.
Verification of the services provided (sampling, spot checks).
Lead IBM teams in any audit review (internal, external) driven on local or global level. Wide range (not only limited to security and compliance).
Security Policy management (local level).
Vulnerability management.
Represent account in compliance review calls
Projects participation and lead depends on project nature.

Team Leader of 21 people - Delivery Compliance Administrator (DCA).

Lead the BAU execution of Health-Check process. Managing work of 5 people in regards to HC.
Cooperation with branches of supported client across all the world (North America, Europe, Asia, Australia).
Supporting internal and external audit reviews.

IT Specialist 2nd lv on WINTEL. Responsible for execution of HealthCheck process on IBM managed servers (NT, Win2k, Win2k3).
Monitoring servers based on GSD331 using tivoli solution (Tivoli Security Compliance Manager).
Troubleshooting TSCM Clinet and connectivity with server.
Every-day work with ManageNow R1 system for Change Management.