Control Design and Oversight Senior Lead

Join us, and manage impactful cybersecurity policies and procedures!

Krakow-based opportunity with the possibility to work 100% remotely!

As a Cybersecurity Control Design and Oversight Lead, you will be working for our client, a global financial institution. This role is crucial in designing and maintaining the Cybersecurity control environment, ensuring compliance with policies, procedures, and standards. Your expertise will contribute to maintaining robust cybersecurity controls and supporting internal and external audits.

Your main responsibilities:

• Working with Control Owners, 2LoD, and CCO Technology to ensure Cybersecurity controls are designed per industry standards
• Defining control measurements in accordance with the KCI Design Framework
• Ensuring controls comply with legal and regulatory requirements and provide sufficient data for stakeholder reports
• Designing, managing, and maintaining Policies, Procedures, and Standards for Cybersecurity controls
• Ensuring timely execution of self-assessments with accurate evidence in line with maturity scoring reviews
• Monitoring, assessing, and testing Cybersecurity controls with 2LoD, CCO Technology, and Audit teams
• Reviewing and challenging the existing Risk and Control Library, Policies, Procedures, and Standards
• Identifying gaps in frameworks and proposing remediation solutions
• Leading a sub-team of Control Design & Oversight Managers, defining goals, priorities, and addressing escalations
• Representing Cybersecurity Controls in senior management forums
• Streamlining and improving existing CD&O and CRCS processes for best-in-class customer services

You’re ideal for this role if you have:

• Familiarity with the NIST 800-53
• Strong Risk and Controls background with subject matter expertise in Control Management
• Ability to translate complex IT concepts into business-friendly language
• Over 5 years of experience with Technology risks and controls
• Knowledge of Cybersecurity with at least five years of proven experience and recognized certificates
• Understanding of metrics and measures in managing risks and controls (KCIs, KRIs, KPIs)
• Technical writing skills and proficiency in written English for quality output in Control, Policies, Procedures, and Standards design
• Strong stakeholder management and communication skills with experience in international environments
• Experience in leading a team in a fast-paced environment, promoting mutual understanding and engagement
• Ability to complete tasks independently to a high-quality standard within complex, demanding corporate environments
• Strong interpersonal skills, being influential, credible, persuasive, and an active listener

It is a strong plus if you have:

• Experience with GRC Tools
• Knowledge of Centre for Internet Security (CIS) Measures and Metrics

#GETREADY  to meet with us!

We would like to meet you. If you are interested please apply and attach your CV in English or Polish, including a statement that you agree to our processing and storing of your personal data. You can always also apply by sending us an email at recruitment@itds.pl.

Internal number #5286

Internal number #5286