Cpl Jobs is a part of the larger European recruitment and HR services group, Cpl Resources. We help the greatest talents to develop their careers and enable leading companies on the Polish and European market to find the best professionals.
For an international organization form IT industry, new brand but already well known on the Polish market, we are looking for Candidates for the position of: IT Risk Analyst (Senior / Analyst).
As a member of the Business Innovations Team, reporting to the Director, IT Risk Management, this position is responsible for assisting with the assessment of the company's technology risk. Responsible for identifying technology risks, and evaluating the design and effectiveness of information technology controls, this position will participate in all aspects of IT Risk Management including: project risk consulting, 3rd party vendor assessments, audit facilitation and remediation assistance, compliance consulting, policy and standards development, IT control assessments, and incident response.
Responsibilities
- Assist with the development, execution, and continuous improvement of the IT Risk Management framework and program operations.
This includes performing IT control risk assessments, executing the annual IT risk assessment program, and collaborating with consulting resources (internal and external) on special projects designed to address, and reduce, technology-related risks.
- Stay current with IT risk trends, regulatory changes, and recommend changes in the IT Risk Management framework/program operations in order to mitigate risk associated with information/technology assets.
- Ensure all phases of work conform to ISACA’s Risk-IT Framework for IT Risk Management.
- Contribute to identifying and evaluating IT risk areas while developing and promoting best practice methods for IT Risk Management throughout global organization.
- Perform assessments on, but not limited to: security administration, operating system and database security, business continuity, data centers, and pre and post application implementation reviews.
- Lead and coordinate business process and systems knowledge walkthroughs with financial and operational auditors in order to identify, and document, technology risks.
- Interact with various levels of internal and external personnel, as well as company management, in obtaining information, presenting findings, reviewing recommendations, and discussing control assessment results.
- Ability to independently create work programs for control assessments from standards/best practices documentation
Requirements:
- Higher education degree, preferably in accounting, computer science, programming, or management information systems.
- At least 3 years of in one of the following areas: technology audits, security risk management, project management, technical infrastructure design/implementation, or application design/implementation.
- Professional certification or actively pursuing certification (CISA, CISM, CIA or similar) would be an asset.
- Proficiency in ERP platforms and other, general business applications/processes.
- Significant experience with, and understanding of, IT general controls as it pertains to implementing controls to address business risk.
- Experience performing 3rd party vendor assessments/SOC audits.
- Deep knowledge and experience in the review of systems business processes and related controls.
- Experience with continuous monitoring techniques and/or proficiency with specialized audit/data analytics/data collection scripting software.
- Strong interpersonal and communication skills.
- Strong PC skills for MS Word, Excel (MS Access and SharePoint are pluses).
- Willingness and ability to travel (both domestic and global) ~ 10%.
- Working knowledge of enterprise risk management (ERM) framework.
We offer
- Friendly working atmosphere
- Professional trainings and onboarding package
- Attractive salary
- Social benefits
- Multilingual and multicultural work environment