Opis stanowiska podany przez pracodawcę:

Senior Cyber Analyst - Supplier IT Risk Management
Kraków
NR REF.: 1186782

OFFICE LOCATION: CRACOW
WORK MODEL: HYBRID
CONTRACT: CONTRACT OF EMPLOYMENT

This role is responsible for executing supplier assessments supporting company’s global Cybersecurity Supplier IT Risk Management (SITRM) Program.

KEY DUTIES AND RESPONSIBILITIES 

• Execute security risk assessment and analysis of suppliers across all stages of the supplier lifecycle and partner with global vendor management teams, technology, and business functions to educate and communicate cyber risk
• Support implementation and operation of program enhancement efforts including assessment process and technical requirements. Train team members and stakeholders on updated program and processes changes
• Prepare and communicate monthly program metrics and reporting to appropriate program lead
• Provide input on third party security controls, exceptions, and remediation plans to continuously improve assessment process to reduce cyber risk

WHAT YOU’LL NEED TO SUCCEED

• 4 or more years of experience in IT audit, supplier IT risk, vendor, or third-party security risk management
• Bachelor’s Degree in Information Technology, Information Systems, Computer Science or a related technical field of study. Related experience may be considered in lieu of required education
• Working experience with third party security assessment and management tools (Archer preferred)
• Working experience in third party security risk assessment methodologies and industry frameworks
• Knowledge of Shared Assessment Third-Party Risk Management practices and questionnaires
• Solid experience in application, network, and cloud security domains and assessments
• Certifications: Certified Information on Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Shared Assessments Certified Third Party Risk Professional (CTPRP) or Certified Third Party Risk Assessor (CTPRA), Information Systems Security Architecture Professional (ISSAP), or Information Systems Security Engineering Professional (ISSEP)
• Strong critical thinking and planning skills
• Experience in large enterprise environments
• Strong verbal and written communication, negotiation, analytical, time management, organizational, and relationship management skills
• Comfortable dealing with ambiguity, making decisions with sub-optimal/incomplete information
• Ability to analyze and challenge current working methods to create improvements in processes and result
• Experience working with cross functional teams
• Ability to work independently within a geographically dispersed team
• Understand and comply with all applicable company policies

WHAT YOU NEED TO DO NOW:

If you39re interested in this role, click 39apply now39 to forward an up-to-date copy of your CV, or call us now.

Hays Poland sp. z o.o. is an employment agency registered in a registry kept by Marshal of the Mazowieckie Voivodeship under the number 361.

Kontakt do pracodawcy:

Kliknij tutaj, aby skontaktować się z pracodawcą lub wysłać swoje CV »