- pełen etat, praca zdalna
Risk & Control Analyst, CyberSecurity Services
- Bachelor / Honours Degree in Information Technology, Computer Science, Cyber Security or other technology related qualifications or 6+ years of experience in cyber/IT security, technology audit or assurance, which must include some element of experience in a ‘first line’ security or assurance team.
- Fluency in English, both oral and written.
Preferred (but not essential):
- Background in the information and cyber security domain within international financial services organisations.
- Demonstrated ability to support a ‘first line’ function in responding to external/regulatory audits.
- Up to date with key regulation / developments in Information and Cyber Security Management Framework (including Technology Risk Management), Data, Privacy and Automation.
- Professional Qualifications (i.e. CISSP, CCNA and CCNP).
- Risk & control, assurance or audit experience.
- Ability to challenge the status quo.
- Excellent organisation skills with ability to manage multiple deadlines and effectively prioritise workload.
- Strong interpersonal skills to foster positive relationships with internal and external stakeholders.
- Highly effective oral and written communication skills, with an ability to influence and to gain the respect of senior stakeholders and peers.
- Ability to exercise good judgment and objectivity.
- Demonstrates ability to work with limited direction and multi-task without loss of quality.
- Confident and courageous to raise/escalate issues in a pro-active, professional and timely manner.
- Sharp attention to detail and internal quality control.
- Able to effectively present the findings with a clear, concise manner.
- Can do attitude, solution-oriented mindset and self-driven person.
- Ability to identify opportunities for continuous improvements.
- Demonstrate understanding of and commitment to the Group’s core values.
- Perform all risk and control activities related to all people, processes, and assets within the CSS SMA function.
- Act as the confidant to the CSS SMA ‘Process Owner(s)’ responsible for developing, prioritizing and implementing controls.
- Provide timely and accurate risk & control MI to the management within risk management systems and repositories.
- Timely response to RFIs (Request For Information) towards supporting LRM and Regulatory Assessments.
- Deliver risk focused, timely and re-performable deep dive reviews.
- Support design and maintenance of internal processes that allow CSS SMA to dynamically monitor risk as well as effectively mitigate identified gaps.
- Maintain CSS SMA controls and corresponding metrics.
- Drive compliance with the Bank’s risk framework and policies.
- Support the delivery of the Conduct Risk Management plan.
- Support Process owners in the execution of their risk management accountabilities.
- Support liaison with Group Internal Audit and any third party or regulatory inspections.
- Adopt an anticipatory approach to risk assessment through stakeholder engagement and monitoring of the external environment.
- Work with other control assurance teams to drive efficiency, effectiveness and reduce duplication.
- Provide robust challenge and escalation to senior management to ensure activities achieve risk reduction.
- Support activities related to control design, assessment, testing processes and drive continuous improvement.
- Provide timely and accurate reporting to appropriate committees.
- Ensure appropriate oversight and facilitate resolution of high impact risk and issues.
- Work with the CSS Service Lines to identify emerging risks and ensure they are appropriately addressed and subjected to formal governance.
- Support continuous improvement of the CSS internal risk profile reporting, issue management processes and supporting tools.