Senior Security Consultant (Risk Management) - 100% Remote
WarszawaSenior Security Consultant (Risk Management) - 100% Remote
Warszawa
NR REF.: 1157389
Hays IT Contacting matches IT Contractors with the best employers. Our passion lies in helping people develop their professional careers in IT sector - quite simply, we power the world of work.
For our Client we are currently looking for qualified Candidates for the position of:
Senior Security Consultant (Risk Management)
Location: Remote 100%
Job type: contract B2B
Length: long term cooperation
Rate: 180 – 200 pln/h ne + vat
Requirements:
Key responsibilities:
Our offer:
Warszawa
NR REF.: 1157389
Hays IT Contacting matches IT Contractors with the best employers. Our passion lies in helping people develop their professional careers in IT sector - quite simply, we power the world of work.
For our Client we are currently looking for qualified Candidates for the position of:
Senior Security Consultant (Risk Management)
Location: Remote 100%
Job type: contract B2B
Length: long term cooperation
Rate: 180 – 200 pln/h ne + vat
Requirements:
- Great interpersonal skills and common-sense approach
- Strong service delivery ethic, strive to exceed expectations
- Ability to work independently
- Minimum Bachelor degree
- Professional certifications in Information Security (CISSP, CISM, ISO27001, CCSK, etc.) are desirable
- 8+ years of relevant experience supporting Information Security in a large enterprise
- Advanced knowledge of cyber/information security management policies and procedures, and governance processes, information systems and network security
- Advanced knowledge of risk management techniques, technological trends and developments in cyber/information security, systems/software development, engineering, integration, testing and evaluation and operating systems
- Advanced working knowledge of applicable and accepted security standards and framework (ISO27001, NIST, CSF, PCI DSS, etc.)
- Experience in conducting risk assessments and information security reviews
- Project and process management skills including the ability to balance multiple initiatives with demanding deadlines
- Knowledge of privacy and data protection regulations (e.g., GDPR)
- SaaS or Cloud security experience and/or knowledge of AWS and Azure desirable.
Key responsibilities:
- The Security Consultant (Risk Management) is responsible for information security assesments and reviews.
- Conduct risk assessments (RA) in accordance with Client’s Information Security Management (ISM), Third-Party Risk Management (TPRM), Client’s Global Information Security Standards (GISS), and Information Europe security processes.
- Perform application assessments, compliance assessments, cloud assessments, technical reviews, as per requirements.
- Complete records in client’s GRC tool (Archer) to capture third-party profiles and engagements, critical assets, perform risk analysis, and create risk treatment plans.
- Work with relevant stakeholders to understand the Risk Assessment scope and conduct business impact analysis (BIA – Confidentiality, Integrity and Availability) for Third Party engagements and/or information assets.
- Coordinate and liaise with third-party contacts / business and technical contacts to understand the security posture of the asset or third-party
- As part of risk assessments, review relevant asset / third-party documentation, including but not limited to control questionnaires, policy documents, independent audit reports, technical vulnerability assessment and penetration testing reports.
- Identify information security and privacy related risks and propose risk treatment plans
- As needed, facilitate the processing of risk acceptance in the Archer GRC tool or follow SEU Information Security WOW and Risk Management Processes.
- Track and follow up with business / technical stakeholders and risk treatment plan owners to assist in ensuring that risk treatment plans are implemented by agreed upon target completion dates.
- Provide subject matter expertise to the business in Security matters related to the risk assessment and/or security reviews.
- Maintain an inventory of critical assets in EU region.
- Complete full Risk Assessment in Archer for critical assets identified within EU region
- Complete Risk reports using globally standardized templates and based on SEU requirements
Our offer:
- Competitive rate
- Real impact on the project – if you are good, you are independent in making decisions
- Fast learning opportunities
Prosimy o aplikowanie poprzez przycisk znajdujący się po prawej stronie ogłoszenia.
