.
Senior Analyst - Vulnerability Threats & Defects Remediation
  • Kraków
Senior Analyst - Vulnerability Threats & Defects Remediation
Kraków, Kraków, Małopolskie, Polska
HAYS POLAND Sp. z o.o.
21. 9. 2024
Informacje o stanowisku

Your new company: 

One of the international financial institutions based in Kraków.


Your new role: 

  • Collaborate with all internal and external customers through established governance channels to drive remediation of gaps and their tracking to closure. This includes implementing and maintaining an effective working relationship with key stakeholders internally and externally. 
  • Coordinate the remediation activities required for all security-driven risks across all the customers (i.e., HOST, Cybersecurity function, global businesses, global functions, and regions). 
  • Work experience to drive end to end remediation of Red Team findings.
  • Proactively track the gaps identified during Security Assessments, Third Party Security Reviews and other security testing activities completed by Cybersecurity functions and provide reports that support established governance to drive remediation of gaps and their tracking to closure.
  • Maintain and document remediation plans, metrics and reports that support the team in tracking the closure of all Cybersecurity-owned issues (audits, MSIIs).
  • Ownership and management of escalations if remediation activities are not completed on time.
  • Working closely with Metrics and Reporting team within Cybersecurity to establish effective security testing metrics to support governance and reporting requirements of the business. 
  • Providing guidance on the Remediation framework as required. 
  • Support the functional lead in developing, managing, and maintaining a highly skilled, efficient, and effective Remediation team that focusses on defining, managing, and continuously improving the core processes and activities for remediation.
  • Embedding a culture of individual self-improvement, development, and self-directed learning, whereby staff are expected to maintain subject matter expertise within their area of focus and more broadly within the realm of cybersecurity.
  • Mentoring / Coaching / Guidance for junior team members.
  • Prepare operational reports by exporting data from existing sources (including Power BI dashboards, ServiceNow and Cyberport).
  • Reviewing automated reports for data variances and creating/ implementing action plans to resolve identified issues.
  • Ad hoc tasks as required, including support to other operational and governance activities within CSAT. 
  • Ensuring HSBC values and ‘tone of voice’ are maintained across all communication content and channels.


What you'll need to succeed: 

  • Minimum bachelor’s degree and/or experience in IT security governance and operational processes, preferably in the Financial Services industry or global corporate service provider
  • Good understanding of Cybersecurity risk and control framework and familiarity with Information Security standards, policies, and key cyber regulations. Experience in dealing with regulatory requirements and other risk and compliance matters.
  • Background – experience in Risk and Compliance Management, Vulnerability Management, Security Testing, etc.
  • Ability to understand and assess both threats, controls, and vulnerabilities, articulating these to both technical and business stakeholders.
  • Qualifications – one or more industry-recognised and cybersecurity-related certifications including CEH, CISA, CRISC, CISM, CISSP, CGEIT. This is preferred, however not essential. (CEH preferred)
  • Positive and professional attitude, team player, flexible and adaptable.
  • Confident and takes responsibility and ownership for work and personal development.
  • Ability to produce clear and concise reports for targeted audiences, including senior management.
  • Good spoken and written communication and ability to adapt style based on audience (Fluent in spoken / written English).
  • Ability to build strong relationships and communicate on complex issues with a wide spectrum of stakeholders.
  • Influential, credible, and persuasive, active listener, embraces the company's values, shows good judgement and demonstrates high level of communication skills in order to achieve effective stakeholder management.
  • Expert usage of Microsoft Excel, including the ability to create and understand Pivot tables and manipulate large data sets.
  • Excellent organisational, administrative, analytical and data management skills, with the ability to work accurately and methodically whilst under pressure to meet deadlines.
  • Pro-active, independent individual with a positive attitude who can work remotely.


What you'll get in return:

  • B2B contract,
  • Hybrid word model

As a contractor, you will be eligible for the following benefits package (in full or in part) - at your own cost:

  • Medical care - Medicover
  • Health insurance
  • Multisport card

What you need to do now 

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.

Hays Poland sp. z o.o. is an employment agency registered in a registry kept by Marshal of the Mazowieckie Voivodeship under the number 361.

  • Praca Kraków
  • Kraków - Oferty pracy w okolicznych lokalizacjach


    96 835
    16 228