
Pawel Goralski

Summary

Enthusiastic, goal-oriented, fast-learning father and husband with work experience and education in an international environment. Not afraid of challenging tasks and independent contribution. Strong analytical, communication and managerial skills proven in 6+ years of process coordination and leading IS audits/assessments.
CISSP, CCSP, CISA, CISM, ITIL-F, ISO 27001 LA and IIA certified with 10+ years of technical experience in system and network security, administration of encryption tools, Information and Cyber Security assessments and audits.

Languages: English, Polish, German, Ukrainian, Hungarian.

Overview

14 years of professional experience

Work History

Senior Information Security Analyst

TOPPAN Security
02.2025 - Current

The same as the previous role at HID. In 2025 TOPPAN Security acquired Client ID HID business.

Senior Information Security Analyst

HID Global Corporation
02.2023 - 02.2025

As an Information Security Analyst I have one direct report and I combine the compliance, technical (hands-on) and administrative sides of security.

Compliance responsibilities include helping lead and manage completion of the eIDAS regulatory annual audit, the ISO 27001 audit, ICAO and Government of Malta ICT checks, and external audits requested by the Client. My achievements: smooth rectifications with minor opportunities for improvement, generation of regulatory checklists to simulate audit results, introduction of preventive checks at regulation draft level.

The technical side includes vulnerability scans, penetration testing, monitoring of PKI consultancy, Active Directory hardening, monitoring of threats and attack vectors, daily operation of SIEM and anti-malware tools, network security consultancy, management of security incidents, performance of DR tests. My achievements: improving password policies, introduction of new tools like on-site anti-malware and penetration testing tools, implementation of least-privilege and more granular AD roles.

The administrative side includes continuously assessing and mitigating both IT and information security risks (incl. third parties), performing the eIDAS security officer trusted role for PKI ceremonies, managing the Document Management System for internal IT and cybersecurity policies, delivering awareness trainings. Achievements: building the DMS from scratch and automating approval cycles of 80 documents, developing new threat model and risk assessment templates, new DR test templates, creation of 20 new procedures in line with regulations and best practices, simplification of PKI ceremony evidencing.

Third Party Information Security Assessor

Citibank
06.2020 - 02.2023

This career step is a prolongation of the role I held in 2015-2018.

Cybersecurity Internal Audit Manager

Citibank
05.2018 - 06.2020

As an Internal Auditor in the Cyber Security Audit Team my responsibilities are to monitor Information Security Entities and to participate in and perform Audits on IS department processes across the globe, such as Information Security Officers, Technology Risk and Governance management office, ID Administration or Network Infrastructure Defense. These Audits usually take 2-3 months and I participate in 5 audits per year. The Audits utilize the Agile methodology approach and test the design and operational effectiveness of the process controls. The role requires me to communicate frequently with the businesses under Technology, utilize professional nomenclature and convey the key risks, controls and processes to the senior management.
In 2019 I led the Citi Network Infrastructure Defense audit with a budget of 3300 hours and 7 auditors within my audit team.
In 2019 and 2020 I was oversight auditor and SME auditor for Data Protection and Identity and Access Management audits and completed 3 entities' risk assessment and quarterly business monitoring documentation.

My biggest achievements include championing bi-weekly team calls focusing on workload and task schedules, and becoming the team's technical expert for encryption, cloud computing and network security. In 2020 I held 11 hours of training sessions for my peers about raw data extraction, audit tools and IT inventories. I added value to the team by inventorying, describing and providing written instructions on all Citi approved tools that auditors should use to perform design and operational effectiveness tests.

In June 2020 I decided to move back to the Third Party Information Security team due to US working time.

Third Party Information Security Assessor

Citibank
03.2015 - 04.2018

As a Third Party Information Security Assessor my responsibilities are to conduct risk-based remote and on-site assessments of Citibank vendors and to identify the main gaps between the Third Party and Citibank Information Security Management System (following ISO 27001, NIST, PCI DSS best practices) in the EMEA region.
The Coordinator is chosen by a Utility Head among 10 team members to additionally cover tasks for the EMEA team like: travelling logistics and budget control, workload estimation and distribution, metrics generation, responding to regulatory and internal process related queries, providing expertise on process improvement opportunities to the governance group, acting as an intermediary between EMEA Third Party IS Assessment and other IS functions. The EMEA team reports to the London Utility Head and the program manager in NY.

In total, as LEAD assessor I have completed 50 independent (mostly in Russia, Kazakhstan, Germany, UK, Kenya) IS third party assessments with 20 international onsite visits. My biggest achievements include building rapport with business, improving timeliness of assessment completion by 50 % and high risk gaps remediation by 20 %. As Coordinator, I organized 3 onsite and 3 remote semi-annual awareness training sessions with business managers on information security risks and gaps identified. I managed onboarding of 10 new vendors in Eastern Europe.

In 2017 I was granted the highest Citibank annual grade (5 % top performers).

Encryption Subject Matter Expert

Citibank
10.2013 - 02.2015

As an Encryption SME my responsibilities are to administer platforms (encryption key management, secure protocol check, front end and back end transfer route settings) providing encryption solutions for transferring files between Citibank and its business partners. The implementation of the solution requires risk-based analysis of new transfer connections, participation in scheduled security and system changes, and covering 24-7 on-call responsiveness in case of platform availability problems.
The team consists of 8 professionals located globally in EMEA, APAC and NAM with the manager in NY.

My biggest achievements include: reducing the time needed to generate new encrypted routes by 20 % by improving bulk upload templates, creation of a new risk-based calculator addressing bulk uploads and manual uploads in the system, representing the team in Citibank Global Information Security meetings, migrating 100 % of legacy functional IDs used for transferring encrypted files to new centralized repositories (team effort).

2nd Level Telecommunication Engineer

Avaya
12.2012 - 08.2013

As a 2nd level Telecommunication Engineer (team of 15) my responsibilities are to provide in-depth technical support to customers through network or equipment monitoring, and to collect and analyse tracers, logs and all other data relevant for the resolution of a case reported by business partners. All incident investigations are conducted via SSH connections (PuTTY) to UNIX-based servers, on which software solutions managing telecommunication systems (VoIP, protocols SIP, H.323) are installed. The job requires good knowledge of network topology, network security, and network devices including media gateways, proxy servers, call servers, PBX.
My biggest achievements include participation in the 2014 Olympic Games project of supporting business partners in implementing telecommunication systems. I managed to build good rapport with business and smoothly provide them with technical solutions, reducing escalations and complaints. In the team, I was chosen to manage monthly Customer Satisfaction reports and feedback, preparing statistical summaries and analyzing customer satisfaction trends. As a result, customer satisfaction increased by 5 % during a 5-month period.
After my team was relocated abroad, I decided to return to Citibank.

EMEA IT Incident Response Specialist

Citibank
06.2011 - 09.2012

As an IT incident response specialist I am responsible for conducting first-level incident diagnosis and determining the method of restoring service, the Cisco and Avaya telephony systems investigation process, remote desktop incidents, and creating permanent control records via updates to the trouble tickets. In this internal support function I am contacted by Citibank employees to solve their daily IT related problems remotely. This role requires good experience with technical settings of Citrix platforms, Office software, business applications like Flexcube and Reuters, hardware, anti-malware, collaboration tools and platforms (Webex, Skype), Java, browsers.
Four times I achieved the employee of the month reward in a team of 15 professionals. I improved a script for sending automated communication to employees with regard to their requests for information, reducing manual email answers by 30 %. The metrics, statistics and meeting minutes I used to generate improved the communication between our team and other IT functions and more accurately provided the senior management with SLO and SLA rates and customer satisfaction.

Education

Post-graduate - Cybersecurity

AGH University of Science And Technology
Krakow, Poland
2018

Master of Arts - Political Science

Central European University
Budapest, Hungary
2012

Erasmus Exchange Program - Humanities

Universidade Do Porto
Porto, Portugal
2010

Bachelor of Arts - International Relations

Nicolaus Copernicus University
Torun, Poland
2010

Skills

  • Interpersonal Communication
  • Risk Management
  • Cybersecurity Audit
  • Data and process analysis
  • Project management
  • Troubleshooting
