Cybersecurity Control Design & Oversight Analyst

Join us, and drive global cybersecurity standards forward!

Kraków – based opportunity with hybrid work model (6 days/month in the office)

As a Cybersecurity Control Design & Oversight Analyst, you will be working for our client, a leading global financial institution committed to maintaining a robust and compliant cybersecurity framework. You will support the continuous development of the cybersecurity control environment, ensuring controls are designed and measured in alignment with internal standards and external regulatory expectations. Based in Kraków with a global scope, you will engage with various stakeholders to define, refine, and oversee cybersecurity controls that protect critical technology and information assets.

Your main responsibilities: Collaborating with stakeholders to ensure cybersecurity controls align with regulatory requirements

• Supporting the design and implementation of control measurements and attributes
• Reviewing control effectiveness against internal standards and industry best practices
• Coordinating with Cybersecurity and Risk teams to ensure compliance across the control environment
• Maintaining accurate documentation for controls and their performance metrics
• Translating technical risks and controls into business-relevant language
• Identifying gaps in the control framework and recommending improvements
• Supporting audit and assurance activities related to control compliance
• Monitoring control measurement performance using defined indicators
• Participating in global initiatives to enhance the cybersecurity control landscape

You’re ideal for this role if you have:

• Experience with cybersecurity risk and control frameworks
• Proven background in control design and implementation
• Understanding of inherent and residual risk concepts
• Ability to communicate complex IT topics to non-technical stakeholders
• Technical knowledge in IT or cybersecurity domains
• Proficiency in MS Office and MS Teams
• Strong stakeholder management and communication skills
• Experience working in global and multicultural environments
• Ability to work both independently and collaboratively in fast-paced settings
• Excellent written English and documentation skills

It is a strong plus if you have:

• Familiarity with industry standards such as NIST, CIS, or ISO
• Experience with Governance, Risk, and Compliance (GRC) tools
• Industry certifications in cybersecurity, technology, or risk (e.g. CISM, CRISC)
• Knowledge of performance indicators such as KCIs, KRIs, and KPIs
• Experience working within the 1st Line of Defense in large organizations
• Exposure to control requirements specific to financial institutions
• Hands-on experience with regulatory audits or security assessments
• Ability to handle ambiguity and drive clarity in complex environments
• Background in secure systems design or IT compliance
• Understanding of enterprise-scale cybersecurity operations

#GETREADY  to meet with us!

We would like to meet you. If you are interested please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can always also apply by sending us an email at recruitment@itds.pl.

Internal number #7006