The offer is inactive, it is not possible to respond to it.
Senior Policy, Compliance & Risk management Specialist
IBMJob information
Position / industry
Information Technologies - Software; IT Security Specialist, Computer Network Administrator, System AdministratorJob description, information about job
We are looking for a person who wants to work in a team driving the risk and compliance for CIO. It's more about to comply with existing policy and standard rather than actively participating in definition of security requirements. However squads often need a consultation from cybersecurity perspective and/or discuss and address regulatory matters. Therefore it's required to have a background in this area. Although it's a business controls type role to some extend, an understanding of technical aspects is also needed. Any experience or certification in auditing or some industry standards is advantage. (i.e ISO 27k, SOC, CISSP...)Your Role and Responsibilities:As part of a Policy,compliance & risk team your key activities will be to:
- Understand the security and compliance aspects of IT service delivery
- Know corporate security policies and standards and how they affect the IT environment
- Knowledge in terms of security and compliance, identify and remove roadblocks, innovate and continuously improve, challenge status quo
- Consult and guide squads in security/compliance related topic
- Interact with CISO/BISO organization, translate requirements into business
Work with Corporate business contrals and with Corporate audit
- Become familiar with tools and applications through which security metrics are rolled up for reporting at the Executive level
- Act as a lead for all matters related to infrastructure security and compliance
- Support risk assessment process by reviewing and consulting the risks
- Drive through MSAC process quarterly
- Support squads in formal security and compliance reviews, e.g. Internal Audits, External Audits
- Be a core member of account’s Audit Project Office
- Engage technical teams and coordinate responses to initial data requests
- Attend live testing meetings, look out for concerns raised during testing, take follow-up requests
- Use judgement and expertise to mitigate findings, conditions and datasheets
- Keep up with good/best practices in the IT industry related to Cyber security
Know key IT service delivery processes and their impact on security policy implementation, especially, but not exclusively:
- Backup and restore
- Disaster recovery
- Security hardening
- Health checking
- Identity & access management
- Integrated service management (incidents, problems and changes)
- IT Risk management
- Patch management
- Physical security
- Endpoint security
- Security inventory
- System access controls
- Support/conduct technical testing of Network and Server environments
- Salary stars from 2.800EUR, based on your experience
Offered salary
2800 EURStart date
by agreement (ASAP)Type of employment
full-timeEmployee requirements
Minimum required education
Secondary with Leaving ExaminationSuitable for graduates
NoSuitable for graduates
No
