- experience in information security, risk management or compliance,
- strong analytical skills,
- familiarity with third party risk assessment methods and control frameworks such as ISO27001, NIST, COBIT, SOC2,
- excellent written and verbal English communication skills; ability to express thoughts clearly, know how to listen and contribute in a team environment.
You'll get extra points for:
- working knowledge of the financial industry,
- experience in Third Party Security Ratings solutions,
- relevant security certifications such as ISO27001LA, CISA, CISM, CISSP etc.,
- a self-starter and an output-driven team player with experience in fast-paced environments,
- work efficiently and independently with minimal supervision (i.e., self-motivated, and willing to stretch to meet important deadlines).
Your responsibilities:
- conduct information security assessments of suppliers (third party vendors and cloud services) including advising management on how to mitigate any identified risks,
- support the evolution and continuous improvement of vendor risk assessment processes including the development and maintenance of procedures, artifacts, and metrics to be used in the assessment of suppliers,
- perform third party compliance risk tracking, trending, analysis, and executive reporting,
- provide guidance to business partners to ensure compliance with information security regulatory requirements and internal policy,
- assist with development and implementation of the third party risk assessment strategy, methodology, and process through the CISO End-to-end Third Party Cyber Risk Management lifecycle.
Information about squad:
Working as part of a team, you provide direction and support in Third Party Risk management, will leverage various sources of data to assess in the end-to-end contracting lifecycle, associated practices of ING suppliers globally, highlight risks and control gaps associated with supplier's security program, categorize the potential risks based on severity, and identify potential mitigation activities. You will work both independently, as well as with both internal and external stakeholders, to determine business risk of control gaps identified during control and risk assessments and collaborate across business lines leading risk assessments and work with other teams within the organization.
The role naming convention in the global ING job architecture will be "Business Control Specialist II".
-
Third Party IT Risk Auditor
4 dni temu
ING Katowice, Polska W pełnym wymiarze godzinWe are looking for you, if you have: · experience in information security, risk management or compliance, · strong analytical skills, · familiarity with third party risk assessment methods and control frameworks such as ISO27001, NIST, COBIT, SOC2, · excellent written and verbal ...
-
Internal It Auditor
3 dni temu
Knauf It Services Polska Sp. Z O.o. Katowice, Polska W pełnym wymiarze godzinAbout-project : We are looking for the Internal IT Auditor which will protect the assets of our company through the execution of general auditing procedures, participate in audit planning, and lead IT audits of critical business infrastructure and applications. · Analyze findings ...
-
Cybersecurity Manager
1 tydzień temu
Alstom Katowice, PolskaReq ID:438409 · At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signaling and digital mobility, we offer our diverse customers the broadest portfolio in the ind ...
-
Internal IT Auditor
4 dni temu
Knauf Katowice, PolskaWe are looking for the Internal IT Auditor which will protect the assets of our company through the execution of general auditing procedures, participate in audit planning, and lead IT audits of critical business infrastructure and applications. Analyze findings, prepare reports, ...
-
GR/IR and A/P Debit Balance Controller
1 tydzień temu
Rockwell Automation Katowice, Polska W pełnym wymiarze godzinRockwell Automation is a global technology leader focused on helping the world's manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing compan ...
-
Treasury Specialist
2 dni temu
Koch Global Services Katowice, PolskaYour Job · Join our organisation as Treasury Specialist . · Our Team · Be part of a Global Treasury Capability which manages the EMEA Treasury activities for several Global Corporate subsidiaries of Koch Industries Inc. Assist the Treasury Manager with the day-to-day EMEA ca ...
-
SOX ITGC Domain Manager
2 dni temu
ArcelorMittal Dabrowa Gornicza, PolskaJob Summary: · The SOX ITGC Domain Manager is responsible for managing Sarbanes-Oxley Information Technology General Controls (SOX ITGC) compliance across multiple entities / sites / technologies, ensuring that the company's IT systems and processes meet regulatory requirements. ...
Third Party IT Risk Auditor - Katowice, Polska - ING
Opis
We are looking for you, if you have: