Cybersecurity Control Design & Oversight Analyst

Join us, and safeguard operations with precision and technical excellence!

Krakow-based opportunity with the possibility to work 70% remotely!

As a Cybersecurity Control Design & Oversight Analyst, you will be working for our client, a globally recognized financial institution, supporting the development and maintenance of its Cybersecurity control environment. In this global role, you will collaborate with stakeholders to ensure compliance with industry standards and legal requirements. You’ll play a vital part in defining, measuring, and optimizing cybersecurity controls to safeguard the organization’s operations while fostering a culture of continuous improvement.

Your main responsibilities:

• Engaging with stakeholders to ensure controls align with industry standards like NIST 800-53
• Defining and validating control measurements in line with the client’s KCI Design Framework
• Ensuring cybersecurity controls meet legal and regulatory requirements
• Collaborating with peers to enhance management reporting through insightful measurements
• Supporting the design and implementation of operational control instances
• Translating complex IT concepts into actionable business insights
• Identifying gaps in control effectiveness and proposing remediation strategies
• Contributing to documentation of control attributes and operational frameworks
• Maintaining compliance with best practices in cybersecurity risk management

You’re ideal for this role if you have:

• Expertise in control management, including design and implementation
• Familiarity with inherent and residual risk concepts
• Experience with cybersecurity risks and controls
• Knowledge of IT concepts, with expertise in data protection and cryptography
• Fluent English
• Proficiency with MS Office and Teams
• Experience in stakeholder management within an international environment
• A proactive and detail-oriented approach to task completion
• The ability to work independently and collaboratively within a team
• A proven track record in managing ambiguity and change in complex environments

It is a strong plus if you have:

• Familiarity with frameworks like CIS or ISO/IEC 27001
• Knowledge of: Confluence, Jira, IBM OpenPages
• Hands-on experience with GRC tools
• Industry certifications in risk, technology, or security
• Knowledge of KCIs, KRIs, and KPIs in risk management

#GETREADY  to meet with us!

We would like to meet you. If you are interested please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can always also apply by sending us an email at recruitment@itds.pl.

Internal number #6300