Tomasz Chyła

InfoSec Specialist  ·  Vulnerability Governance → AI Security  ·  Container Security

I am relentlessly curious. I cannot help but dig deeper into technology and into how systems really work. Right now that means AI, container security, and DevOps. I do not treat them as separate domains; I look for the points where one explains the other.

On the other side is Adlerian psychology. I have noticed that the way people design systems reflects how they think about themselves and others. I want to understand the full picture: technology, plus the people who build and use it.

tomasz.chyla@outlook.com | linkedin/tomaszchyla | tomaszchyla.com.pl

Skills

Model Context Protocol (MCP) Supply Chain Security Prompt Engineering Vulnerability Management Container Security Qualys Guard CVSS v3.1 DevOps / CI-CD Linux ESET ERA NMAP / Burp Suite Active Directory VMware WSUS

Experience

Senior Information Security Specialist @ Nordea May 2022 - Present
  • Identify, assess, and prioritize security vulnerabilities across IT environments, from traditional infrastructure to container platforms.
  • Translate complex vulnerability assessments into practical business insight for stakeholders.
  • Act as a subject matter expert and strategic advisor for vulnerability management, working with technical teams, leadership, and cross-functional stakeholders.
  • Build and maintain comprehensive VM strategies, governance frameworks, and operational processes.
  • Lead container security vulnerability governance, including stakeholder coordination, scan result interpretation, and continuous process improvement.
Information Security Specialist @ Nordea Oct 2020 - Apr 2022
  • Identified, assessed, and prioritized security patching needs.
  • Informed stakeholders about new security patches and required actions.
  • Developed and maintained strategies and processes for effective patch governance.
Information Security Consultant @ Nordea Jul 2020 - Sep 2020
  • Improved and developed the existing vulnerability management process.
Junior IT Security Specialist @ Kingspan Insulated Panels, UK & Ireland Jan 2017 - Aug 2020
  • Administered the ESET ERA 7 console for approximately 1,500 endpoints, including policies, reporting, and threat analysis.
  • Administered WSUS servers; tested and deployed updates to production environments.
  • Scanned internal and external network vulnerabilities with Qualys Guard, from scan execution through remediation.
  • Used nmap and Burp Suite to analyze infrastructure vulnerabilities alongside Qualys.
  • Created and enforced security policies and organizational documentation.
Senior IT Specialist @ Kingspan Insulated Panels Feb 2013 - Dec 2016
  • Managed Active Directory, network infrastructure, and VMware virtualization.
  • Administered Microsoft 2008-2012 servers, backups, and end-user support.
Owner @ Tomasz Chyła Surity Sep 2009 - Sep 2020
  • Delivered professional IT solutions for businesses through my own company for over 11 years.

Certifications

  • Vulnerability Management: Assessing the Risks with CVSS v3.1
  • Linux for Security Experts
  • ESET Client & Network Security Administrator
  • Implementing the NIST Risk Management Framework
  • Web Security: User Authentication and Access Control

Education

Engineer - Network and System Administration @ University College of Commerce in Radom 2010 - 2014

Contact

Open to conversations about security, AI, automation, and what sits at the intersection of those worlds.

tomasz.chyla@outlook.com | LinkedIn | tomaszchyla.com.pl