Security Architecture Assurance Analyst

Kraków, małopolskie
Stała
Pełny etat

6 dni temu

Security Architecture Assurance AnalystLocation – CracowWhy this job is for you:The mission of the Information & Technology (I&T) Digital Security organization is to deliver efficient, effective and secure services that have scalability and flexibility to support the demands of our business. Supporting Head of Information Security Architecture and Assurance you will focus on assessing, reviewing and enhancing security controls across the organization’s IT and OT environments.In this position you will provide assurance and guidance that the security features, practices, procedures, and architectures of an information system accurately mediate risks and enforce security policies, standards, and industry good practice.You will:

Interpret information assurance and security policies and apply these to manage risks
Provide advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines
Plan, organize and conduct information assurance and accreditation of complex domains areas, cross-functional areas, and across the supply chain
Validate that all operating systems, networks, software, and hardware are protected and compliant with organization’s policies
Identify security risks and produce effective reports to articulate and report those risks along with proposed remediations in appropriate risk forums
Engage with information security operations to maintain acceptable levels of control and risk throughout the business
Contribute to the development and implementation of robust set of policies, standards and guidelines
Maintain relevant documentation related to information security
Support monitoring of the external environment and assessment of emerging technologies
Identify risks and vulnerabilities, assess their impact and probability, develop mitigation strategies and reports to the business
Involve specialists and domain experts as necessary
Plan, organize and conduct assessment activity and determinate whether appropriate quality control has been applied
Conduct formal assessments or reviews for given domain areas, suppliers, or parts of the supply chain. Collate, collect and examine records, analyses the evidence and drafts all or part of formal compliance reports
Determine the risks associated with findings and non-compliance and propose corrective actions

You have:

3+ years in cybersecurity, security architecture or security assurance within a complex enterprise environment
Self-starter with excellent people and inter-personal skills and ability to translate technical information into business-relevant information, and develop and maintain close working relationships, present the need for security to all personnel from senior leaders to specialist roles in a manner that encourages positive engagement and demonstrates the benefits of security in improving performance and profitability
Good experience performing security assessments for internal as well as external systems and processes is essential
Demonstrable knowledge and experience of key threat vectors, cyber threat mitigation, information security and risk management principles, third party assurance and project management
Ability to develop security standards and guidelines based on best practices, regulatory requirements, and industry standards
Effective time management skills and ability to juggle several tasks and conflicting priorities
Knowledge and experience working with information security standards and frameworks such as ISF SOGP, Cyber Essentials, ISO, NIST, etc.
Bachelor’s degree in Computer Science, Information Technology, Computer Engineering or related field would be an advantage
Professional certifications: CISSP, CISM, CISA or other relevant information security credentials would be an advantage
Fluency in English is a must

The information necessary in the recruitment process is: name, surname, contact details, education, previous employment record and qualifications.Any supplementary information you provide is processed on the basis of your consent.For the purpose of application to the position specified in the job posting we ask you to place the following statement in your application:“I, hereby, consent to the processing of my personal data contained in the application for the job by International Paper Polska Sp. z o.o for the purpose and to the extent necessary in the recruitment process.”If you want to take part not only in the recruitment process for the job position you applied for but in future recruitment processes as well, we ask you to place the following statement in your application:„I, hereby, consent to the processing of my personal data contained in the application for the job by International Paper Polska Sp. z o.o for the purpose and to the extent necessary in the current recruitment process and in the future recruitment processes as well.”To see Privacy Notice click here:

International Paper

Aplikuj