Security Consultant @ AVENGA
Kraków, Kraków, Lesser Poland Voivodeship, Poland
AVENGA
4. 5. 2024
Job description

Supporting the Client in a Third Party Risk Management (TPRM) process, performing Vendor Risk Assessments. Estimated length: 2 years


Required experience:

  • Conducting risk assessments (ideally of third-party vendors) against security standards, such as ISO 27001 and NIST
  • Understanding of cyber security control concepts in IT areas (e.g. access management, application security)
  • Knowledge of security assessment methodology
  • Analyzing and evaluating security controls and documentation policies (evidence)
  • Recommending mitigation actions related to identified risks
  • Reporting and communicating identified risks to stakeholders
  • Monitoring the implementation status of mitigation actions and support

Education and skills:

  • 2+ years of experience in security assessments and cyber risk management (ideally including TPRM)
  • Communication skills
  • Good self-organization
  • English skills in writing and speaking
  • Analytical and problem-solving skills
  • Practical understanding of IT security standards such as ISO 27001, NIST, OWASP
  • Bachelor's degree with professional certification in Cybersecurity, IT or a related field
  • Certifications such as CISA, CISSP, CISM are a plus

Responsibilities:

  • Conducting risk assessments of third-party vendors to identify potential security threats and vulnerabilities
  • Conducting Cloud assessments, conducting audits
  • Analysing and evaluating vendor security controls, policies, and procedures to ensure compliance with regulatory requirements and industry best practices
  • Developing and implementing risk mitigation strategies to address identified vulnerabilities and reduce the organization's exposure to cyber threats
  • Communicating assessment findings and recommendations to internal stakeholders, including senior management, legal, and compliance teams
  • Monitoring and tracking vendor compliance with security policies and procedures through ongoing assessment activities

Requirements: TPRM, Security, IT Security Standards, ISO27001, NIST, OWASP, CISA, CISSP, CISM

Additionally: Sport subscription, Private healthcare, Flat structure, Small teams, International projects, Multisport, LuxMED, Integration events.
