junior it risk analyst | budapest

megjelenés dátuma
randstad hungary
állás típusa
határozatlan idejű

az állás részletei

megjelenés dátuma
IT / Telekom
állás típusa
határozatlan idejű
30822 / 32476
randstad hungary
Kattintson a jelentkezem gombra és válasszon a maximum 2 percet igénylő jelentkezési lehetőségek közül.
Bizonyos pozícióink esetében videóinterjút folytatunk. Ha szeretne többet megtudni, hogyan készülhet fel hatékonyan, itt megosztjuk Önnel a sikeres online bemutatkozás fortélyait.

Cégleírás / Organisation/Department

One of the biggest cosmetics company which leads of the full market of the beauty industry.

Pozíció leírása / Job description

• Partner with program leads to identify vendor due diligence requirements and ensure vendor inventory and status is kept up to date
• Able to review vendor due diligence materials (i.e., SOC1/SOC2, Vulnerability Scan, ISO 27001, etc.) and identify potential risks
• Familiarity with the difference between SaaS and COTS based applications and the unique risks of each
• Awareness of emerging cyber threats including zero-day vulnerabilities and supply chain related risks
• Able to understand details of vendor’s cyber security program and identify where gaps exist with internal company policy requirements
• Ability to perform root cause analyses on issues identified and clearly articulate to a less technical user
• Identify potential vendor related issues and follow up with internal stakeholders and external vendor to develop remediation plan for unresolved issues
• Able to triage use cases and prioritize risk based on scope and impact
• Produce risk assessment reports and work with vendors to implement remediation responses
• Work with brands, procurement, supply chain, R& D and others to document specific use cases and third-party engagements
• Work with program lead and legal/privacy team to identify required contract security provisions to remediate risks identified in vendor assessment
• Experience with industry-recognized Cyber, Privacy, Governance, Risk and Compliance (GRC) applications
• Professional verbal and written English communications
• Able to develop effective relationships with all levels of internal and external stakeholders

Elvárások / Requirements

min. 1 year of relevant experience:

• CTPRP/CISSP/CISM/CRISC certification or equivalent desired
• Experience in Information Technology and Cyber Security is highly desired
• Internal Audit related experience a plus
• Fluent in English
• Skills: IT Audit, Risk Assessment, Cybersecurity, SOX compliance, GxP Compliance, SOC1, SOC2, ISO 27001 certification 

Amit kínálunk / Offer

Member of the Enterprise Cybersecurity and Risk team with responsibility for execution of the TPRM (third-party risk management)
program. Perform cyber risk-based assessments which document key risk areas for third-party vendors. Work with both internal
Cybersecurity and Vendor points of contact to develop remediation plans and track resolution status.

Kapcsolattartó / Information

Rác Ildikó

Gál Szilvia