Security Risk Analyst (TPRM)
Security
Experis Manpower Group
Wrocław
Type of work: Full-time
Experience: Senior
Employment Type: B2B
Operating mode: Hybrid

Tech stack

  • TPRM (regular)
  • Risk Management (regular)
  • ISO27001 (regular)
  • Security assessments (regular)

Job description

Online interview

Requirements:


  • Conducting risk assessments (ideally of third-party vendors) against security standards, such as ISO 27001 and NIST
  • Understanding of cyber security control concepts in IT areas (e.g. access management, application security)
  • Knowledge of security assessment methodology
  • Analyzing and evaluating security controls and documentation policies (evidence)
  • Recommending mitigation actions related to identified risks
  • Reporting and communicating identified risks to stakeholders
  • Monitoring the implementation status of mitigation actions and support


Education and skills:


  • 2+ years of experience in security assessments and cyber risk management (ideally including TPRM)
  • Practical understanding of IT security standards such as ISO27001, NIST, OWASP
  • Bachelor's degree with professional certification in Cybersecurity, IT or a related field
  • Certifications such as CISA, CISSP, CISM are a plus
  • Communication skills
  • Good self-organization
  • English skills in writing and speaking
  • Analytical and problem-solving skills


Responsibilities:


  • Third Party Risk Management experience in the following areas:
  • Conducting risk assessments of third-party vendors to identify potential security threats and vulnerabilities
  • Conducting Cloud assessments
  • Conducting audits
  • Analysing and evaluating vendor security controls, policies, and procedures to ensure compliance with regulatory requirements and industry best practices
  • Developing and implementing risk mitigation strategies to address identified vulnerabilities and reduce the organization's exposure to cyber threats
  • Communicating assessment findings and recommendations to internal stakeholders, including senior management, legal, and compliance teams
  • Monitoring and tracking vendor compliance with security policies and procedures through ongoing assessment activities


Offer:


  • B2B via Experis
  • Hybrid work from Cracow or Wrocław - 4 days per week from the office
  • MultiSport Plus
  • PZU group insurance
  • Medicover
  • e-learning platform