Conducting risk assessments (ideally of third-party vendors) against security standards, such as ISO 27001 and NIST
Understanding of concepts of cyber security controls in IT areas (e.g. Access management, Application security)
Knowledge of security assessment methodology
Analyzing and evaluating security controls and documentation policies (evidence)
Recommending mitigation actions related to identified risks
Reporting and communicating identified risks to stakeholders
Monitoring the implementation status of mitigation actions and providing support
Education and skills:
2+ years of experience in security assessments and cyber risk management (ideally including TPRM)
Practical understanding of IT security standards such as ISO 27001, NIST, OWASP
Bachelor's degree with professional certification in Cybersecurity, IT or a related field
Certifications such as CISA, CISSP, CISM are a plus
Communication skills
Good self-organization
English skills in writing and speaking
Analytical and problem-solving skills
Responsibilities:
Third Party Risk Mgmt experience in the following areas:
Conducting risk assessments of third-party vendors to identify potential security threats and vulnerabilities
Conducting Cloud assessments
Conducting audits
Analysing and evaluating vendor security controls, policies, and procedures to ensure compliance with regulatory requirements and industry best practices
Developing and implementing risk mitigation strategies to address identified vulnerabilities and reduce the organization's exposure to cyber threats
Communicating assessment findings and recommendations to internal stakeholders, including senior management, legal, and compliance teams
Monitoring and tracking vendor compliance with security policies and procedures through ongoing assessment activities
Offer:
B2B via Experis
Hybrid work from Cracow or Wrocław - 4 days per week from the office
MultiSport Plus
PZU group insurance
Medicover
e-learning platform
6 130 - 6 970 USD
B2B
Please note that the data controller is ManpowerGroup S.A., with its registered office in Warsaw, ul. Prosta 68 (hereinafter "admin...