Information Security Auditor

ING

Katowice

On-site

PLN 120,000 - 180,000

Full time

30+ days ago

Job summary

A leading financial institution in Katowice is seeking a Business Control Specialist II to manage third-party risk assessments and provide guidance on compliance with information security requirements. Candidates should have strong analytical skills and experience in information security. The role involves assessing vendor risks, enhancing risk processes, and collaborating across teams.

Qualifications

  • Experience in risk management or compliance.
  • Familiarity with third-party risk assessment methods and control frameworks.
  • Self-starter able to work with minimal supervision.

Responsibilities

  • Conduct information security assessments of suppliers.
  • Support vendor risk assessment processes.
  • Perform third-party compliance risk tracking and reporting.
  • Provide guidance on compliance with security regulatory requirements.
  • Assist with third-party risk assessment strategy development.

Skills

experience in information security
strong analytical skills
excellent English communication skills

Tools

ISO27001
NIST
COBIT
SOC2

Job description

Overview

We are looking for you if you have:

  • experience in information security, risk management or compliance

  • strong analytical skills

  • familiarity with third party risk assessment methods and control frameworks such as ISO27001, NIST, COBIT, SOC2

  • excellent written and verbal English communication skills; ability to express thoughts clearly, know how to listen and contribute in a team environment

Bonus qualifications

  • working knowledge of the financial industry

  • experience in Third Party Security Ratings solutions

  • relevant security certifications such as ISO27001LA, CISA, CISM, CISSP etc.

  • a self-starter and an output-driven team player with experience in fast-paced environments

  • work efficiently and independently with minimal supervision (i.e., self-motivated, and willing to stretch to meet important deadlines)

Your responsibilities

  • conduct information security assessments of suppliers (third party vendors and cloud services) including advising management on how to mitigate any identified risks

  • support the evolution and continuous improvement of vendor risk assessment processes including the development and maintenance of procedures, artifacts, and metrics to be used in the assessment of suppliers

  • perform third party compliance risk tracking, trending, analysis, and executive reporting

  • provide guidance to business partners to ensure compliance with information security regulatory requirements and internal policy

  • assist with development and implementation of the third party risk assessment strategy, methodology, and process through the CISO End-to-end Third Party Cyber Risk Management lifecycle

Information about squad

Working as part of a team, you will provide direction and support in Third Party Risk Management. You will leverage various sources of data to assess, across the end-to-end contracting lifecycle, the associated practices of ING suppliers globally, highlight risks and control gaps associated with suppliers' security programs, categorize the potential risks based on severity, and identify potential mitigation activities. You will work both independently and with internal and external stakeholders to determine the business risk of control gaps identified during control and risk assessments, and you will collaborate across business lines, leading risk assessments and working with other teams within the organization.

The role naming convention in the global ING job architecture will be “Business Control Specialist II”.
