Ta oferta pracy jest nieaktualna od 108 dni. Sprawdź aktualne oferty pracy dla Ciebie

IT Security Compliance Associate Manager

  • Warszawa, mazowieckie pokaż mapę
  • Kierownik
  • 2018-12-04

    Pracodawca ma prawo zakończyć rekrutację we wcześniejszym terminie.

    IT Security Compliance Associate Manager
    Workplace: Warsaw
    LOKALIZACJA: Warszawa

    KEY RESPONSIBILITY:

    • Assist in the development, implementation, monitor and reporting of the IT compliance framework. 
    • Run period assessments for compliance against the IT standards. 
    • Perform compliance reviews of IT systems, services and processes (including 3rd parties), to identify non-compliance risk, weaknesses in controls and opportunities to enhance operational efficiencies. 
    • Assist in the development, implementation and monitoring of reporting mechanisms for IT compliance, to support governance and highlight area of exposure. 
    • Assist in the execution of vendor compliance reviews, including the assessment and treatment for risks that may result from partners, consultants and other service providers. 

    KEY RELATIONSHIPS:

    • Business & IT stakeholders  
    • Wider IT & Security team 
    • IT & Security Governance Committee/Forum 
    • Risk and Audit Committees 
    • External auditors & 3rd Party Vendors  

    SKILLS AND ATTRIBUTES:

    • University degree in technology or a related discipline 
    • Professional certification in IT and Security preferred – e.g. CISA or CISM 
    • 3 or more years of progressive information security, IT or architecture experience 
    • A basic working knowledge of methods and best practice in IT compliance, risk management and IT Security.  
    • Understanding of industry security standards and frameworks such as ISO, ITIL, COBIT, SOx and PCI. 
    • Experience with reporting tools (advanced Excel), with strong attention to detail. 
    • Experience of working in a complex geographical/functional matrix organization  
    • Skills in relationship management and influencing at all levels of the organization  
    • Other Attributes 
    • Knowledge of industry security, risk management and assessment methodologies and standards and applying them in a large enterprise environment - e.g. ISO 27000 series, NIST, OWASP, PCI DSS 
    • Good understanding of current and emerging IT and security technologies, security threats and trends  
    • Exposure and demonstrable experience in a least one discipline; e.g. Microsoft, Oracle, Cisco, SAP 
    • Excellent written and communication skills including experience with non-technical audience 
    opisopis