Security Risk Analyst (TPRM)
Security
Security Risk Analyst (TPRM)
Experis Manpower Group
Wrocław
Type of work
Full-time
Experience
Senior
Employment Type
B2B
Operating mode
Hybrid
Tech stack
TPRM
Risk Management
ISO27001
Security assessments
Job description
Online interview
Requirements:
- Conducting risk assessments (ideally of third-party vendors) against security standards, such as ISO 27001 and NIST
- Understanding of concepts of cyber security controls in IT areas (e.g. Access management, Application security)
- Knowledge of security assessments methodology
- Analyzing and evaluating security controls and documentation policies (evidence)
- Recommending mitigation actions related to identified risks
- Reporting and communicating identified risks to stakeholders
- Monitoring of status of implementation of mitigation actions and support
Education and skills:
- 2+ years of experience in security assessments and cyber risk management (ideally including TPRM)
- Practical understanding of IT security standards such as ISO27001, NIST, OWAS
- Bachelor's degree with professional certification in Cybersecurity, IT or a related field
- Certifications such as CISA, CISSP, CISM as a plus
- Communication skills
- Good self-organization
- English skills in writing and speaking
- Analytical and problem-solving skills
Responsibilities:
- Third Party Risk Mgmt experience in the following areas:Conducting risk assessments of third-party vendors to identify potential security threats and vulnerabilities
- Conducting Cloud assessments
- Conducting audits
- Analysing and evaluating vendor security controls, policies, and procedures to ensure compliance with regulatory requirements and industry best practices
- Developing and implementing risk mitigation strategies to address identified vulnerabilities and reduce the organization's exposure to cyber threats
- Communicating assessment findings and recommendations to internal stakeholders, including senior management, legal, and compliance teams
- Monitoring and tracking vendor compliance with security policies and procedures through ongoing assessment activities
Offer:
- B2B via Experis
- Hybrid work from Cracow or Wrocław - 4 days per week from the office
- MultiSport Plus
- PZU group insurance
- Medicover
- e-learning platform