Manager – IT Security & Assurance
- You will help develop, implement, and monitor a strategic, comprehensive information security and privacy assurance program.
- You will be responsible for overseeing compliance with applicable laws and regulations, working closely and collaboratively with both internal and external functions to ensure compliance with privacy regulations and rules. You will also work directly with functional cells to facilitate security and privacy processes, and work with Risk & Information Security to align security controls with business processes. As part of this, you will provide regular reporting on the current status of the security assurance program to the Risk leadership team.
- You will interact with engineering and operations teams to ensure system designs and architectures meet the Firm’s standards for information and risk management. As part of that, you will ensure that security policies and programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings. You may be responsible for creating and managing information security and privacy awareness training programs for team members, contractors and approved system users as well.
- You will liaise with external agencies and other advisory bodies as necessary.
- Additionally, you'll provide guidance on security & privacy obligations needed and establish a plan on how to achieve them.
- 5 years of experience in risk management, information security and IT
- 2+ years of leadership experience in Risk Management, Information Security and Information Technology and/or Analytics
- Bachelor’s degree in business administration or technology related field
- Experience in effectively communicating security and risk-related concepts to technical and nontechnical audiences
- Knowledge and understanding of relevant legal and regulatory privacy requirements
- Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals
- Knowledge of common information security management frameworks and past participation in both initial certification and renewal of one or more of: ISO/IEC 27001, SOC 2/SSAE 16, PCI DSS, etc.
- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired
- Excellent written and analytical skills, and the ability to manage multiple projects under strict timelines
- Proven track record and experience in developing information security policies and procedures
- Demonstrated experience in critical thinking and problem solving in high pressure situations
- Competitive salary
- Yearly bonuses
- Place of work in the center of Prague
- Free on-site breakfasts, beverages and snacks throughout the day
- Complimentary lunch based on your preferences
- Above standard medical care for you and your immediate family members
- Social and sport events throughout the year
- Charitable initiatives and kids days
- Fun activities organized by our interest groups (e.g. barbecue, gaming and movie nights)
- Training and further development opportunities
- Cafeteria system