Cybersecurity Control Design and Oversight Analyst
ref nr: 184/8/2024/KB
In Antal we have been dealing with recruitment for over 20 years. Thanks to the fact that we operate in 10 specialised divisions, we have an excellent orientation in current industry trends. We precisely determine the specific nature of the job, classifying key skills and necessary qualifications. Our mission is not only to find a candidate whose competences fit the requirements of the given job advertisement, but first and foremost a position which meets the candidate’s expectations. Employment agency registration number: 496.
Cybersecurity Control Design and Oversight Analyst
Are you passionate about cybersecurity and eager to contribute to a global project shaping the future of risk control? Join to dynamic team and play a pivotal role in enhancing our Cybersecurity control environment. This global role offers the opportunity to work with international teams and cutting-edge cybersecurity frameworks, all while based in Kraków.
About the Role
As a Cybersecurity Control Design and Oversight Analyst, you will support the continuous development and maintenance of our global cybersecurity control systems. This role will focus on the design, operation, and oversight of cybersecurity controls, ensuring compliance with industry standards and regulatory requirements across various legal entities worldwide.
Key Responsibilities
- Collaborate with diverse stakeholders, including Control Owners and 2LoD, to ensure that cybersecurity controls meet the Bank’s requirements and adhere to industry best practices such as NIST 800-53.
- Define and manage cybersecurity control measurements and industry standards (e.g., CIS).
- Ensure controls are compliant with legal/regulatory requirements and that control metrics provide valuable insights for management reporting.
Skills & Experience We’re Looking For
- Risk & Control Expertise: Experience with control frameworks, including control design, implementation, and management. Familiarity with inherent/residual risk concepts.
- Cybersecurity Knowledge: Experience with cybersecurity risks and controls. Ability to translate complex IT concepts into business-friendly language.
- Technical Background: Solid knowledge of IT, with an understanding of metrics (KCIs, KRIs, KPIs). Experience with MS Office and MS Teams is essential.
- Stakeholder Management: Proven ability to manage relationships in an international environment, collaborating with Cybersecurity leadership, 2LoD, and other stakeholders.
- Team Player with Autonomy: Able to work independently while thriving in a fast-moving, complex corporate environment.
- Interpersonal Skills: Influential, persuasive, and an active listener, with strong communication abilities to engage stakeholders effectively.
Nice to Have
- Familiarity with industry best practices and frameworks (e.g., ITIL, COBIT)
- Experience with GRC tools
- Certifications in Risk/Technology/Security (e.g., CISSP, CISM)
What We Offer
- A role in the 1st Line of Defense, crucial in shaping a data-driven control environment, providing deeper insights into risk exposure and protective measures.
- Opportunities for collaboration and knowledge exchange across Cybersecurity and beyond, with ample learning and development prospects.
- The chance to work in a global, high-paced, and evolving cybersecurity landscape, where your contributions directly influence HSBC’s cybersecurity resilience.
- B2B contract
- Hybrid work from Krakow ( once a week work from office )
Apply today!
