Lead Cybersecurity Risk Management Consultant
at Epam Systems
Remote, Silesian Voivodeship, Poland
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 17 Sep, 2024 | Not Specified | 19 Jun, 2024 | 1 year(s) or above | Assessment, Mitigation, ISO, Analytical Skills, NIST, Reporting, Security Certification, CISSP, COBIT, Presentation Skills, CISA, Regulatory Requirements | No | No |
Description:
REQUIREMENTS
- 5+ years of relevant IT and Information Security experience
- 1+ year of relevant leadership experience
- Proven expertise in risk management, with a strong focus on the FAIR methodology
- Advanced knowledge of industry authoritative sources such as NIST, COBIT, GDPR, and ISO standards
- Strong quantitative analytical skills to evaluate risk scenarios and outcomes
- In-depth knowledge of the full risk management process, including identification, assessment, mitigation, monitoring, and reporting
- Ability to work collaboratively with cross-functional teams to integrate risk management practices into overall business strategies
- Should possess or be working towards one or more of CISSP, CISM, CISA, or another relevant security certification
- Stakeholder management, communication and presentation skills
- Familiarity with GRC platforms and security-related legal and regulatory requirements
- Excellent command of the English language, both written and spoken, at a B2+ level
Responsibilities:
- Support the Head of Cyber Security departments in the development of Information Security strategic plans and defining the tactical initiatives necessary to achieve strategic goals related to information security in the respective countries
- Apply and support the Factor Analysis of Information Risk (FAIR) methodology to quantitatively analyze and manage information risk
- Develop and implement comprehensive risk management strategies and processes across the organization
- Conduct thorough risk assessments and analysis to identify potential threats and vulnerabilities
- Monitor and report on risk management activities, providing actionable insights to stakeholders
- Ensure that all information security requirements arising from external legal and regulatory mandates are embedded in the IS control framework
- Develop a strong understanding of potential IS risks and help keep the related threat landscape up to date
- Monitor and report on compliance with industry standards and regulations
- Record cyber risk activities and issues in the GRC tool, follow up on issues, and report assessment results and risk ratings to the appropriate level(s)
- Periodically review the risk process for continuous improvement, to ensure the most effective and efficient process is implemented
- Analyze business requirements and determine overall IS training strategy
- Maintain the IS policy framework (policies, standards), ensuring ongoing accuracy and applicability
- Identify new business requirements or industry trends, analyze business impact, and make policy framework adjustments when necessary
REQUIREMENT SUMMARY
Min: 1.0, Max: 5.0 year(s)
Financial Services
IT Software - Network Administration / Security
Finance
Graduate
Proficient
1
Remote, Poland