Sr. IRM Compliance and Assurance Advisor [Poland]

 

We are looking for information risk professionals to fill the role of Sr. IRM Compliance and Assurance Advisor with our client in Krakow, Poland.

You will:

• Manage the supplier assurance assessment activities including the responsibilities towards the supplier control environment.
• Understand the evolution of RDS risk framework and group policies and assist LOD1 to comply with requirements applicable to Supplier Assurance.

• $ads={1}

  Establishment of key performance indicators and continuous monitoring to facilitate effective reporting to management on the supplier control environment
• Support and facilitate external and internal audits for Supplier Assurance.
• Do ongoing supplier control assessment and compliance monitoring to ensure proactive identification and notification of control weaknesses and security incidents.
• Perform deficiency analysis and support the development and tracking of remediation action plans.
• Support management's assessment of the IT control environment.
• Engage with the user community to raise information protection awareness.
• Support the development of the professional skills of staff and coach them to conduct consistent high-quality supplier assurance work products.
• Conduct annual planning and scoping for IT supplier assurance plans.
• Coordinate the execution and validate assurance activities with the IT suppliers.
• Facilitate and track remediation of deficiencies with IT suppliers.
• Develop annual scoping and planning of on-site supplier audits.
• Coordinate the scheduling and execution of the audits with IT suppliers.
• Support the publication of audit reports and track remediation of deficiencies with IT suppliers.
• Manage a team of reviewers performing on-site audits.
• Do escalation management as well as internal and external stakeholder management.
• Provide timely management reporting of the program.

You have:

• Significant experience in IRM-related roles, Information Security roles or having worked with IRM through an IT Delivery role or Business IT role (this position could be filled by someone from outside the IT function, who has a strong control background (e.g. in GRA/Controllers area or internal audit)).
• Industry-recognized certifications, i.e. CISA, CISSP, CISM, GCIH.
• Understanding and experience with Internal and External Audit, Information Risk Management and Business Controls.
• Strong general knowledge of IT controls and control frameworks (e.g., CObIT, ISO 27001).
• Strong interpersonal, diplomatic and negotiating skills for all levels of staff.
• Proven experience with senior stakeholder management, especially in a multi-sourcing and multi-national environment.
• History of strong results and delivery focus, with proven experience to support.
• Experience building relationships with process owners/architects, project managers, IT & IM Managers, and operations managers as required.
• Robust understanding of, and solid experience with, compliance and its impact on application development and operations.
• Ability to drive activities across organizational boundaries via coaching and influencing.
• Systematic, disciplined and analytical approach to problem-solving with demonstrable verbal and written communication skills.
• Ability to interface with many different groups within and outside of IT.
• Good understanding of different cultures.
• Ability to work in virtual teams.

$ads={2}

 

.