Business Information Security Officer | SwiconJobs

Business Information Security Officer

2021.08.27. | Budapest | Non-tech

Our partner is a global leader in the banking sector which serves more than 200 million domestic, corporate, state, and organizational clients worldwide. It was one of the first international shared service centers in Hungary, opening its doors in 2005, presently facilitating services for 95 countries on an international level.

  • Communicates and interacts regularly with employees and business management on IS related programs, policies, and standards
  • Communicates with the GISO and business managers; escalates as appropriate
  • Provides general IS consulting services including interpretation and/or clarification
  • Exercises oversight of the IS program within the business, including programs, policies, and related reporting
  • Helps security incident response teams resolve and close the investigation of incidents with proactive suggestions
  • Assists in the definition and implementation of IS standards at the business level to ensure that procedures and practices comply with our partner standards
  • Participates in the IS community on committees and cross-business / functional opportunities
  • Enforces compliance; demonstrates extensive understanding of IS standards and best practices across multiple disciplines
  • Reviews status of business IS program and oversees corrective action when necessary
  • Develops corrective action language for all IS-related gaps and approves all closures by reviewing evidence to ensure the closure meets our partner requirements or industry best practices
  • Collaborates to create Risk Exceptions (REs), and Corrective Action Plans (CAPs) in the appropriate tools (iCAPs, CIRAS, etc.)
  • Ensures that approvals and reviews are executed when needed
  • Performs IS awareness and training activities, including IS education of new employees. Ensures IS awareness materials are distributed per CISS requirements
  • Monitors / tracks IS training per CISS requirements
  • Ensures IS Risk Assessment is performed according to our partner standards by partnering with the businesses throughout the ISRA process and determines the impact of control deficiencies
  • Provides RISO with program management support for the production of monthly IS metrics
  • SIRT analysis and follow up
  • Regional IS Awareness
  • Information Security Risk Exception management
  • Annual GLBA attestation process
  • Prepares periodic IS reports for senior management summarizing the risk posture for the business
  • Interprets and translates the information security requirements of the business IS program into technical requirements
  • Provides guidance preparing for audits, resolving audit findings and ensuring closure
  • Completes any additional tasks connected with the role but not detailed in the current job description, as assigned by the direct manager, supervisor, or the functional head
  • 3+ years’ experience in IS or other Risk Management activities and at least 2 IS programs including, but not limited to, Audit Reviews, IS Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Incident Management, Vulnerability Assessment
  • Knowledge of key government regulations and local laws
  • Has a business or technical background or combination of both
  • An awareness of the fundamentals of information security
Employer's offer
  • Freedom to succeed in a dynamic environment: creative and innovative ideas are encouraged and recognized
  • A positive and inclusive work environment in which diversity and cross-regional work-streams are key components
  • Remote work
  • An environment conducive to developing supervisory/leadership/presentation skills and building a professional network across the organization globally