Become the 1st Line of Defense and play a significant role in the development of a new, data-driven control environment of protective measures!
Krakow-based opportunity with the possibility to work remotely!
As a Controls Design Business Analyst, you will support continuous maintenance and development of the Cybersecurity control environment. You will define and maintain operational control instances and their attributes, control measurements as well as control requirements for Group Cybersecurity.
Your key Responsibilities:
- Engage with a variety of stakeholders (including but not limited to Control Owners and 2LoD) to ensure that Cybersecurity, IT Operations, Data and Architecture controls are designed according to the Bank’s requirements, industry standards and best practices (e.g. NIST 800-53)
- Work with stakeholders and peers to ensure that Cybersecurity, IT Operations, Data and Architecture control measurements are defined in accordance with KCI Design Framework and industry best practices (e.g. CIS)
- Work with Cybersecurity, IT Operations, Data and Architecture teams to ensure that the defined controls are compliant with Legal/Regulatory requirements and that control measurements provide sufficient insights for management reports
The ideal candidate has:
- 2+ years of experience with risk and control frameworks
- Expertise in Control Management. This includes but is not limited to controls design and their implementation
- Experience with Cybersecurity, IT Operations, Data and Architecture risks and controls
- Ability to translate difficult IT concepts into business-friendly language
- Understanding of the Inherent/Residual risk concepts
- Technical background
- Knowledge of Information Technology, at least at a generalist level; specialist area expertise is welcome
- Understanding of metrics and measures in managing risks and controls (KCIs, KRIs, KPIs)
- Good writing skills and proficient use of written English
- Experience with MS Office and MS Teams
- Stakeholder management and communications skills
- Experience of working in an international environment
- Managing stakeholders including Cybersecurity, IT Operations, Data and Architecture Leadership and staff, 2LoD Resilience Risk teams
It is a strong plus if you have:
- Familiarity with the industry best practices and frameworks in Information Technology
- Experience with GRC Tools
- Industry certification in Risk/Technology/Security
#GETREADY to meet with us!
We would like to meet you. If you are interested, please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can also apply by sending us an email at recruitment@itds.pl.
Internal number #3435