Tech Risk Analyst

Warsaw Contract B2B Home Office View Job Description
We are looking for Tech Risk Analyst.

Updated on 04/04/2024

  • Work in an international organization
  • Opportunity for professional development

About Our Client

Our client is a multinational family of companies producing hygiene products.

Job Description

  • Directly responsible for performing technology risk assessments and control assessments to ensure systems and applications (on prem and in the cloud) are complying with company policies, applicable regulatory and legal requirements, and leading industry practices.
  • Updating the Business Impact Analysis (BIAs) plans to determine key systems to assess.
  • Maturing the Information Security Risk Management Program by managing the IS risk register and ensuring appropriate risk management strategies are in place and followed up on.
  • Meet with business stakeholders to quantify risks across the organization and maintain the top board level security risks.
  • Develop and drive the implementation of security best practices and standards to mature the overall IS Risk Management Program which includes defining security system and application standards of control.
  • Provide solutions to identified issues and risks.
  • Works with the Manager of Information Security Governance, Risk, Compliance and Strategy to determine the acceptable level of risk for enterprise computing platforms.
  • Liaise with key functional teams such as HR, IT, Digital Marketing, Finance, Internal Audit, Enterprise Risk, Quality, Office of General Counsel and the Business to identify new applications and service providers in use and the associated security controls to secure the data.

The Successful Applicant

  • 6+ years' experience working directly in an Information Security or Information Technology department with experience in developing testing security frameworks for compliance.
  • B.S. in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent); Security certifications such as CompTIA Security +, CISSP, CISA, CCNA or equivalent or working towards certification is preferred.
  • Hands on experience with assessing security configurations in Windows/Mac/Linux environments, Azure and other cloud environments, SQL and Oracle databases.
  • Experience with Netskope, Azure Purview, OneTrust or similar GRC tools is a plus.
  • Experience with Operational Technology (OT) environments and securing manufacturing devices a plus.
  • Strong knowledge & understanding of endpoint, server, network design and topologies.
  • Strong understanding of a "hacker's" mentality.
  • Excellent written and oral communications skills; ability to lead discussions, present complex ideas to audiences of all sizes, and interact with all levels of the organization.
  • Ability to self-manage, work independently with little direction and/or supervision but also work collaboratively in a team environment.
  • Working knowledge of the following frameworks and regulations: ISO 27001/2, NIST 800-53, NIST CSF, CIS Benchmarks, ISF Standard of Good Practice, HIPAA Privacy Rule and Security Rule, MITTRE ATT&CK framework.
  • Ability to prioritize and multitask and a work approach that supports flexibility and adaptability is paramount.
  • Detail oriented and ability to think outside of the box to propose solutions to risks.
  • Ability to communicate security risks to non-technical business stakeholders.

What's on Offer

  • 100% remote
  • B2B Contract
  • International project environment
  • Working in a team of highly skilled professionals
Contact
Karolina Strzoda
Quote job ref
JN-022024-6349639

Job summary

Sector
Information Technology
Sub Sector
IT Business Analysis
Industry
Technology & Telecoms
Location
Warsaw
Contract Type
Contract B2B
Consultant name
Karolina Strzoda
Job Reference
JN-022024-6349639
Job Nature
Home Office