World
Country
Language

poland Poland

portugal Portugal

netherlands Netherlands

Cybersecurity Control Design & Oversight Analyst

  • Hybrid/On-site
  • English
  • Banking
  • Expert/Senior
  • Agile/Scrum
Add to Job Cart RECOMMEND A CANDIDATE

Join us, and drive global cybersecurity standards forward!

Kraków – based opportunity with hybrid work model (6 days/month in the office)

As a Cybersecurity Control Design & Oversight Analyst, you will be working for our client, a leading global financial institution committed to maintaining a robust and compliant cybersecurity framework. You will support the continuous development of the cybersecurity control environment, ensuring controls are designed and measured in alignment with internal standards and external regulatory expectations. Based in Kraków with a global scope, you will engage with various stakeholders to define, refine, and oversee cybersecurity controls that protect critical technology and information assets.

Your main responsibilities: Collaborating with stakeholders to ensure cybersecurity controls align with regulatory requirements

  • Supporting the design and implementation of control measurements and attributes
  • Reviewing control effectiveness against internal standards and industry best practices
  • Coordinating with Cybersecurity and Risk teams to ensure compliance across the control environment
  • Maintaining accurate documentation for controls and their performance metrics
  • Translating technical risks and controls into business-relevant language
  • Identifying gaps in the control framework and recommending improvements
  • Supporting audit and assurance activities related to control compliance
  • Monitoring control measurement performance using defined indicators
  • Participating in global initiatives to enhance the cybersecurity control landscape

You’re ideal for this role if you have:

  • Experience with cybersecurity risk and control frameworks
  • Proven background in control design and implementation
  • Understanding of inherent and residual risk concepts
  • Ability to communicate complex IT topics to non-technical stakeholders
  • Technical knowledge in IT or cybersecurity domains
  • Proficiency in MS Office and MS Teams
  • Strong stakeholder management and communication skills
  • Experience working in global and multicultural environments
  • Ability to work both independently and collaboratively in fast-paced settings
  • Excellent written English and documentation skills

It is a strong plus if you have:

  • Familiarity with industry standards such as NIST, CIS, or ISO
  • Experience with Governance, Risk, and Compliance (GRC) tools
  • Industry certifications in cybersecurity, technology, or risk (e.g. CISM, CRISC)
  • Knowledge of performance indicators such as KCIs, KRIs, and KPIs
  • Experience working within the 1st Line of Defense in large organizations
  • Exposure to control requirements specific to financial institutions
  • Hands-on experience with regulatory audits or security assessments
  • Ability to handle ambiguity and drive clarity in complex environments
  • Background in secure systems design or IT compliance
  • Understanding of enterprise-scale cybersecurity operations

#GETREADY  to meet with us!

We would like to meet you. If you are interested please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can always also apply by sending us an email at recruitment@itds.pl.

Internal number #7006

Benefits

Access to +100 projects
Access to Healthcare
fintech-delivery
Access to Multisport
Training platforms
Access to Pluralsight
Make your CV shine
B2B or Permanent Contract
Flexible & remote work
Flexible hours and remote work

Apply for this job now

    I agree to receive marketing information from ITDS Polska to the e-mail address provided
    The data controller of your personal data is ITDS Polska sp. z o.o. We process your personal data for recruitment process for selected jobs, to inform you of similar jobs in the future and to pursue ITDS's other legitimate interests, such as handling correspondence, securing our recruitment processes or pursuing/defending against claims. Also, by providing ITDS with personal data in the scope specified in art. 22(1a) § 1 of Labor Code, you agree that ITDS will process them for the purpose of recruitment. You have the right to withdraw your consent (the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal), request access to personal data, their rectification, deletion or restriction of processing; to object to processing, as well as the right to data portability; to lodge a complaint with the supervising authority. Please find more information in our Privacy Policy.

    You can report violations in accordance with ITDS's Whistleblower Procedure available here.