Security Consultant-Risk & Compliance
|Angajator:||IBM Client Innovation Center Central Eastern Europe (CEE)|
|Nivel job:||1 - 5 ani experienta|
IBM Client Innovation Center Central & Eastern Europe (CEE) was established in 2012 by joining several centers in Europe. The Delivery Center is part of a global network of 80 similar centers and uses the best IBM methods of work, global processes and techniques. The center has achieved CMMI Level 5 (Capability Maturity Model Integration) and its mission is to provide customers with software solution customized to their global business needs.Cerinte
• 2+ years of experience on a similar role
• Good understanding of IT security concepts
• Good understanding of IT operations within large/complex organisations
• Analysis and problem-solving skills.
• Excellent collaborator and communicator.
• Ability to work with all levels of the business - PMs, DPEs and Partners.
• Ability to follow processes.
Preferred Professional and Technical Expertise :
• CISA certification is an asset
• CISM certification is an asset
• CISSP certification is an asset
• ITIL certification is an asset
• Experience in banking industry
This role helps clients understand key security and privacy issues, risks, exposures and vulnerabilities using workshops and assessments and develop security and privacy programs to meet client's business needs. They also build secure solutions to address specific security and privacy requirements
• Establish and develop appropriate policies, procedures and practices in relations to governance and planning functions
• Ensure and Monitor effective implementations of the policies and procedures
• Ensure necessary awareness for the IT policies and procedures
• Participates in the definition and updating of guides and standards used from the perspective of IT governance, the concept of Enterprise Architecture and information security
• Facilitates and coordinates external audit with components in IT areas; if necessary, build the action plan according to the conclusions of the IT audit
• Participates in risk assessments and monitors the implementation of improvement points identified as a result of internal, external and regulatory audit missions, respectively of top management decisions and periodically reports the implementation stage to the IT Strategy Director