Cybersecurity Control Design Manager – Risk & Compliance

306.64 - 362.40 USD net per day - B2B
Security

Zakrzówek, Kraków

ITDS

Full-time
B2B
Senior
Hybrid

Job description

Unleash the Future of Cybersecurity — Design and Elevate Cutting-Edge Controls in a Dynamic Environment!


Kraków-based opportunity with hybrid work model (6 days per month from the office).


As a Cybersecurity Control Design Manager – Risk & Compliance, you will be working for a leading financial institution, shaping the cybersecurity control environment to safeguard critical digital assets. Your expertise will define and maintain operational controls, policies, and standards, ensuring compliance with regulatory requirements while continuously improving control effectiveness to support the organization’s security posture and growth.


Your main responsibilities:

  • Collaborate with Control Owners, 2LoD, and CCO Technology to ensure cybersecurity controls in the Risk and Controls Library are designed according to industry standards such as NIST 800-53 and organizational requirements.

  • Define and implement control measurements aligned with HSBC’s KCI Design Framework and industry best practices like CIS.

  • Partner with Control Owners and stakeholders to ensure controls meet legal, regulatory, and mandatory standards, and provide reliable data for stakeholder reporting.

  • Design, manage, and update Policies, Procedures, and Standards related to cybersecurity controls across Engineering, Operations, and Security Assessment teams.

  • Act as a key representative and expert on all issues and actions related to controls within the organization.

  • Manage issues & actions proactively, engaging with senior stakeholders to ensure timely resolution.

  • Prepare and deliver control governance reports that support risk management and compliance monitoring.


You're ideal for this role if you have:

  • At least 5 years of experience in Risk, Controls, or Cybersecurity management.

  • Strong subject matter expertise in control design, implementation, and ongoing assessment.

  • Knowledge of cybersecurity principles, with a generalist background and specialized expertise welcomed.

  • Technical understanding of metrics and measures (KCIs, KRIs, KPIs) to manage risks and controls.

  • Excellent technical writing skills and high proficiency in written English to ensure quality policies, procedures, and standards documentation.

  • Strong stakeholder management and communication skills.

  • A team-oriented mentality with the ability to work independently while maintaining high-quality standards.

  • Influential and credible interpersonal skills, active listening, good judgment, and alignment with HSBC values.


It is a strong plus if you have:

  • Familiarity with NIST 800-53 or CIS Measures and Metrics.

  • Experience with GRC tools, such as Helios.


Language Required for the role:

  • Fluent English.


We offer you:

ITDS Business Consultants is involved in various, innovative, and professional IT projects for international companies in the financial industry in Europe. We offer an environment for professional, ambitious, and driven people. The offer includes:


  • Stable and long-term cooperation with very good conditions

  • Enhance your skills and develop your expertise in the financial industry

  • Work on the most strategic projects available in the market

  • Define your career roadmap and develop yourself in the best and fastest possible way by delivering strategic projects for different clients of ITDS over several years

  • Participation in Social Events, training, and work in an international environment

  • Access to an attractive Medical Package

  • Access to Multisport Program


#GETREADY


Internal job ID #8623


You can report violations in accordance with ITDS’s Whistleblower Procedure available here.

Tech stack

  • English: C1

  • Helios (nice to have)

  • NIST (nice to have)


Published: 02.03.2026
