Tech People Hungary Ltd. is a Technical Skills recruitment consultancy based in Budapest and Warsaw primarily sourcing professionals for ICT, Finance, Engineering and Logistics related positions. Now we are searching candidate for the following position:
Application Technology Risk and Controls Sr Analyst (E-C14)
• Provide Risk Controls Services to Businesses supported by the Global ICG Technology Risk & Controls teams (CAP management, MCA, IS programs, remediation plans, reporting requirements, consultancy, etc.).
• Oversee the completion of their unit’s active participation and contribution to IS programs as defined by the global program office (information security risk assessments, secure workspace, entitlement reviews, infrastructure security classification, etc).
• Co-ordinate and manage the MCA (Manager Controls Assessment) process for Technology units. Review self assessments and supporting evidence
• Support in reviewing operational risks and developing testing based on the company Operational Risk Policy and Standards
• Identifying deficiencies against information security standards
• Create or facilitate creation of remediation plans, ensure that corrective action plans and management acceptance of risks are in place.
• Review, monitor and track corrective action plans (CAPs), manage and collect approvals for opening and closing CAPs, escalate delays. Identify, review and approving closure evidence. Play a key role in identifying CAPs impacted by Sarbanes-Oxley (SOX).
• Execute reporting requirements
• Support Application Technology and Technology Risk and Controls Managers in implementing and monitoring risk mitigation activities
• Ensure that controls applied over the Application Technology processes are working at the desired level.
• Act as a consultant to Technology Businesses
• Facilitate Global and Regional Risk and Controls related Programs.
• Ensure that units understand their responsibilities with regards to information security standards and that their procedures incorporate practices which achieve compliance to policies and standards. Develop and review processes and procedures
• Educate assigned customers with regard to current information security initiatives/programs
• Assist units in preparation for all audits. Manage audit deliverables.
• Degree in Computer Information Systems, Accounting, or Business Administration
• Fluent English
• 7 years of experience with technology services, or related disciplines, including process definition and development, audit, compliance review, and control assessment techniques.
• Familiarity with ISO 27001, ISO 27002 (ISO 17799), and CoBIT (ideal)
• Professional Controls related qualifications , such as CISA, CISSP or CISM (alternatively CRISK, ITIL or COBIT) is an advantage
• Demonstrate a good understanding of information security risk management
• Knowledge of Information Security, IT Risk and Controls and Continuity of Business, Self-Assessment Testing (RCSA /MCA)
• MS Office products, particularly Excel.
• Ability to work with various levels of management and the ability to build and maintain effective working relationships
• Excellent communication, presentation, interpersonal, organizational, time management, and project management skills.
Location: Budapest, travelling 10 % of the time
Working hours: normal business hours
Job opportunity: employee position