Company: Leading global provider of business decisioning data and analytics.
Team: The GRC team encompasses the governance, risk, and compliance activities implemented to avoid costly risks by driving standardization, security priorities and posture improvements, obtaining compliance certifications, and supporting customer inquiries and contract negotiations in an effort to increase the company’s revenue opportunities. GRC is also responsible for the identification, communication and management of cyber risks in partner and supplier relationships.
Role: The individual in this role will work closely with all Global Security & Risk (GSR) teams, such as Security Operations Center (SOC), Technology Operation Risk Management, Security Engineering, Security Architecture and Vulnerability Management, as well as with Technology Operations, Development and Architecture teams in Europe, to identify, document and monitor current risks and controls, and will liaise with the business side across European units. This role reports directly to the Business Information Security Officer Europe in the company’s global Governance-Risk-Compliance (GRC) team within GSR.
- Career development in a global company with almost 200 years of history.
- Very attractive remuneration (contract of employment or B2B with full social package – paid holidays and sick leave, notice period, etc).
- Work is 99% remote (but the candidate has to reside in Poland) – after the pandemic, the candidate may need to be in the office once a month.
- Support Global Security & Risk and Business in Customer Management (security assessments, audits, remediations) and Vendor Risk Management, as well as Technology Risk Management, Audit Management, Compliance Management, Incident Management and Business Continuity Management.
- Primarily supporting European customers and vendors, but also other locations globally where needed.
- Assisting with the management and administration of D&B's GRC platform.
- Help manage information security policies, procedures and standards.
- Provide regular communication and status reports to stakeholders.
- Be responsible for other duties/projects as assigned by GSR or business management as needed.
- Bachelor's Degree in Information Security, Computer Science, Information Technology or other related field from an accredited 4-year university, or related work experience. Master’s Degree a plus.
- 4 years of experience focusing on Governance, Risk and Compliance.
- Knowledge about industry standards such as ISO 27001, PCI, NIST CSF, NIST CMMC etc.
- Several years of professional and practical experience, and knowledge of the implementation and operation of various business process systems and methodologies, especially the ISO 2700x family of standards.
- Experience with and knowledge of IT security systems.
- Excellent problem-solving skills.
- Implementation and administration experience with GRC platforms such as ZenGRC.
- Excellent communication, presentation, and relationship skills, especially the ability to articulate advanced technical topics and build consensus among business and technical constituents.
- Experience translating complex and ambiguous problems into understandable components and actionable plans.
- Self-driven and motivated, with excellent organizational, administrative, interpersonal and project management skills.
- Preferred: 4+ years’ experience in a dedicated information security role in a large enterprise.
- Certifications such as CISSP, CISA, CISM, or another security management related certification are a plus but not a must-have.
- Fluent in English.
- This role will be based in the Warsaw offices, and travel is required.
We hold a certificate for conducting personnel consulting activities - registered under entry number 14300.