Due to the scale and complexity of CSC Poland, it is important to have a dedicated function that effectively supervises and monitors all risks connected with information security across CSC Poland. The position is located functionally within Global Information Security function, cooperates with ICG businesses. Physically position is located in Poland CSC to ensure proper and efficient communication.
Key responsibilities:
- Maintain IS programs with a focus on process improvements, removing deficiencies and enhancing current tools for reducing IS risk.
- Provide updates on the IS issues to the business (management forum, BRCC) through established communication channels.
- Support IS policy and standards development and initiatives implementation. Ensure compliance to security practices & standards reducing likelihood of audit, regulatory & legal liabilities.
- Maintain communication channels with cross-sector ISOs with an aim of strengthening relationships to efficiently tackle security issues that span multiple businesses. Escalate significant risks to the Cluster/Regional/Sector IS Leadership for information or action.
- Support implementation of Information Security Training Plan together with providing explanations and training on information security topics for business staff. Ensures compliance with IS training requirements and provides appropriate materials and opportunities.
- Provide a unified and holistic view of vulnerabilities and associated risk exposure.
- Reduce security risks by identifying controls and minimizing weaknesses in applications.
- Proactively engage appropriate stakeholders to be accountable as to the state of their controls and that they understand their responsibilities as to IS risk mitigation and remediation. Engage with Business Managers and business staff to ensure non-compliant items are addressed.
- Support the business in its initiatives by providing guidance on Information Security aspects of projects. Ensure timely delivery on information security, business and/or technology initiatives and projects.
- Attend and participate in internal/external forums and risk committees where appropriate.
- Participation in additional ad-hoc IS & Risk related initiatives and projects
- Assist to pass with a satisfactory audit rating the external, internal and regulatory audit reviews.
Requirements:
- At least 5 years of relevant experience (Audit, IT Risk, Information Security)
- Bachelor's degree
- Team leader and contributor
- Strong work ethic and excellent use of discretion and judgment
- Strong organizational ability and leadership skills
- Ability to build strong relationships between businesses and across countries
- Effective communication skills at all levels and within the user community as well as with technology staff; specifically, the ability to translate "technical jargon" into business common business language
- Ability to analyse complex issues and present findings and potential solutions in plain-English to various levels of management
- Self-motivator
- Excellent time management skills
- Ability to work under pressure
- Ability to focus on details without losing the big picture
- Effective communication skills (English is a must) and ability to influence
We offer:
- Development value: Opportunity to work in a dynamic and complex organization. Challenging and advanced work environment in which capable person can thrive and be visible to the local and regional management.
- Possibility to work with professionals in the multicultural environment
- Opportunity to develop in an international environment in one of the greatest financial institution worldwide
- Opportunity to broaden the practical knowledge how Capital Markets operate
- Social benefits (medical care, Benefit System, life insurance)
- Access to a dynamic variety of training material & courses across multiple delivery platforms
- Opportunity to use English on a daily basis