Job description
Head of Cybersecurity Risk & Controls
Kraków
Ref. no.: 1185609
Your new role
The Cybersecurity function is responsible for enabling businesses and functions to manage their Information and Cybersecurity risks as well as ensuring risks and controls are assessed and implemented appropriately, objectively and independently through professional and specialized subject matter experts, whilst ensuring regulatory compliance.
• The Global Head of Cybersecurity Risk & Controls will play a key role in coordinating the activities required to implement the Cybersecurity Risk and Controls Strategy globally, in partnership with Control Owners and SMEs. This role will report into the Global Head of Business Engagement, whilst closely partnering with Regional and Business Information Security Officers. The key part of the role will be leading on the design of, oversight of and reporting on Cybersecurity controls.
• The ideal candidate will possess strong leadership and communication skills, wide knowledge of the risk and controls space as well as of all cybersecurity domains, and strong experience in managing international teams and stakeholders. The role holder will be required to manage a global team and stakeholders including the Control Owners; regional and business CIOs and COOs; Cybersecurity Leadership and staff; Chief Controls Office (CCO) Technology; and the 2LoD Resilience Risk and 3LoD Internal Audit teams.
• Building out, leading and managing a new Global merged team combining Cybersecurity Risk & Controls capabilities.
• Working with the Control Owners, wider CBE team, 2LoD, 3LoD and CCO Technology to ensure that the Cybersecurity-owned controls in the Risk and Controls Library, and the federated controls owned by the business, are designed according to the Bank’s requirements and industry standards and best practices (e.g. NIST FSS) and are embedded across the business and regions.
• Lead on reporting capabilities to enable oversight of control effectiveness through Key Control Indicators, as well as to ensure these are tailored and consumed by the business and regions.
• Conduct periodic maturity assessments of Cybersecurity controls against industry best-practice frameworks (e.g. NIST) in partnership with independent/external suppliers.
• Drive continuous improvement and embedding of the Cybersecurity Risk Quantification (CRQ) model to enable data-driven risk assessment and oversight.
What you'll need to succeed
• Experience with Technology risks and controls. Knowledge of Cybersecurity is a must.
• Significant subject matter expertise in risk and control management. This includes but is not limited to controls design and implementation and control assessment, as well as MI and executive reporting.
• Wide general cybersecurity knowledge; understanding of Cybersecurity concepts such as threats, vulnerabilities, attack vectors, inherent/residual risk.
• Understanding metrics and measures in managing risks and controls (KPIs, KCIs, KRIs) is a must.
• Familiarity with the NIST Cyber Security Framework (CSF) would be beneficial.
• Knowledge of Centre for Internet Security (CIS) Measures and Metrics is a plus.
• Experience with GRC Tools (such as HELIOS, ServiceNow, Archer) is a plus.
• Experience in dealing with Senior Management, internal and external audit.
• Strong understanding of the regulatory landscape and the key processes to ensure a robust response to regulatory assessments/exams, as well as to customer and third-party requests on Cybersecurity maturity posture.
What you'll get in return
• Competitive Salary
• Annual performance-based bonus
• Additional bonuses for recognition awards
• Multisport Card
• Private medical care
• Life Insurance
• One-Time reimbursement of home office set up (up to 800 PLN)
• Corporate parties and events
• CSR Initiatives
• Nursery and Kindergarten discounts
• Financial support with trainings and education
• Social Fund
• Flexible working hours
• Free parking
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
Hays Poland sp. z o.o. is an employment agency registered in a registry kept by Marshal of the Mazowieckie Voivodeship under the number 361.
Company profile
HAYS Poland is a recruitment consultancy belonging to the international HAYS plc group, which is listed on the London Stock Exchange and is the world's largest specialist recruitment company.
Hays has been operating in the recruitment market for over 50 years and has more than 250 offices, employing a total of over 10 thousand experts across 20 specialisms.
In 2003 we opened our first office in Poland. Since then we have strengthened our position on the Polish market, becoming the undisputed leader in specialist recruitment. Hays Poland currently employs over 200 people in offices in Warsaw, Katowice, Wrocław, Kraków, the Tricity and Poznań.
A distinguishing feature of HAYS is its unique system for recruiting high-calibre specialists, based on a division structure:
HAYS Accountancy & Finance
HAYS Construction & Property
HAYS IT & Telecom
HAYS Manufacturing
HAYS Pharma & Healthcare
HAYS Sales & Marketing
HAYS Executive