Rafal Grzech, Developer in Kraków, Poland
Rafal is available for hire
Hire Rafal

Rafal Grzech

Verified Expert  in Engineering

IT Security Specialist and Developer

Kraków, Poland
Toptal Member Since
June 22, 2022

Rafal is a seasoned IT security specialist with extensive experience dealing with information security, management systems, risks, and compliance in challenging business environments. He combines solid technical knowledge with excellent strategic thinking, analytical, leadership, and managerial skills to match technology and business accurately. Rafal excels in delivering extensive and challenging programs for big organizations.



Preferred Environment

C, C++, Python, Go, Dart, Flutter, Assembler x86, JavaScript, Node.js, Excel VBA

The most amazing...

...solution I've designed and implemented from scratch is an information security management system for a big international organization, ISO 27001 certified.

Work Experience

Head of Information Security, Risk, and Compliance for Europe

2007 - 2019
  • Introduced a complete information security management system (ISMS) for a big organization that is ISO 27001 certified.
  • Performed several security audits for a large business landscape.
  • Took part in the team developing a sophisticated authentication and authorization system based on public key infrastructure (PKI) technology and smart cards.
Technologies: Information Security Management Systems (ISMS), CISSP, Audits, Risk Management, Penetration Testing, Business Continuity Planning (BCP), Business Continuity & Disaster Recovery (BCDR), PCI Compliance, IT Security

Information Security Management System ISO 27001

The project encompassed various aspects of information security, including:
• Managing information security
• Managing information systems projects
• Conducting risk analysis and management
• Analysing, designing, and implementing sophisticated information security and monitoring systems in complex environments
• Designing and deploying security policies, procedures, plans, and instructions based on ISO 27001 and the ISF's Standard of Good Practice
• Ensuring business continuity and disaster recovery management
• Applying advanced knowledge of cryptography techniques such as public key infrastructure (PKI), security auditing, and operational risk management
• Performing security reviews
• Handling identification, authentication, and authorization systems
• Handling monitoring and intrusion detection tools and systems
• Handling separation and access control systems
• Knowing security hardware, including smart cards and biometrics
• Applying counter-surveillance techniques
1995 - 2000

Master's Degree in Computer Science

AGH University of Science and Technology - Kraków, Poland


CISSP – Certified Information Systems Security Professional





C++, Assembler x86, Excel VBA, C, Python, JavaScript, Go, Dart




Penetration Testing, DevOps


Certified Information Systems Security Professional, Information Security Management Systems (ISMS), Audits, Information Security, Risk Management, Risk Assessment, CISSP, Business Continuity Planning (BCP), Business Continuity & Disaster Recovery (BCDR), IT Security, Software Development, PCI Compliance, Design, Architecture

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.


Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring