# Information Security Officer - Enterprise Risk Management

HRO Recruitment

Kraków, małopolskie

HRO Recruitment is a specialist traditional recruitment business. HRO Recruitment is a brand of HRO Personnel Sp. z o. o. HRO Personnel is a Human Resources service provider operating under number 6696.

 

We are working as a recruitment provider searching on our Client's behalf for a person in the following role:

 

Information Security Officer - Enterprise Risk Management

Location: Cracow

 

The Operational Risk Management department is seeking a highly qualified individual to take a leading role as the Information Security Officer. The ISO will drive compliance with CIS security controls in Enterprise Risk Management globally. Applicants must have previous experience in successfully acting as a trusted and influential information security advisor to senior-level business management in a large global organization. The ISO will be responsible for monitoring compliance throughout ERM by engaging in the following:

 

Key Accountabilities:

• Successfully position themselves as a trusted advisor sought out by senior business line management for advice and guidance on security issues

• Develop and maintain a strong understanding of the business processes and technologies used in the business line, and the information security controls that must be applied to these processes and technologies

• Manage information security compliance assessment and remediation of identified business control failures

• Create and/or participate in processes (such as SDLC tollgate meetings and strategic business planning sessions) to ensure that potential security risks associated with new and existing business processes and IT applications are identified and addressed

• Help CIS understand the potential business impacts of proposed new controls, and of potential security risks from new business initiatives

• Actively help business unit management evaluate and mitigate risks associated with third party vendors

• Develop and maintain among all levels of business line staff a high level of awareness about security issues and control objectives

• Partner with CIS to develop and deliver actionable security reporting

• Oversee the work of the business unit Information Security resources (Information Security Officers and Administrators)

• Participate in the security incident response program, representing the business area, to detect and respond to incidents in a timely manner

• Ensure management attention to CIS Vendor Risk assessment deliverables

• Review and approve non-standard, high-risk access (e.g. blocked web sites, mass storage, application access, non-standard devices and non-expiring passwords, process and system IDs)

 

Requirements:

• 3 to 5 years of information security program management

• Knowledge of business concepts including financial, business requirements, compliance and risk management

• Financial services experience a plus

• CISA, CISM, CISSP or similar certification required, or an agreed-upon plan to achieve this certification within 1 year of hire

• Ability to courageously influence colleagues at all levels

• Strong written and oral communication skills

• Strong presentation skills

 

We offer:

Stable job in a professional team

Interesting career path in an international organization

Consistent scope of responsibilities

Private health care, employee benefits

 

 

Please add the following clause to the end of your submitted CV: “I hereby consent for HRO Recruitment, a brand of HRO Personnel Sp. z o.o. with their head office in Warsaw at Puławska 182, to use my personal details hereby submitted for their recruitment process (documenting and processing personal information and forwarding said information to their clients within the structure of the client’s recruitment projects) in accordance with the Law on Protection of Personal Data (Dz. U. 2002 r. Nr 101 poz. 926) until I submit a written withdrawal of consent. I confirm that I was informed of the right to modify, access and protect my personal information.”
