Good job, good life!

The Headhunter provides HR services and HR consulting, and raises employers' awareness of the importance of human resources departments in the company.

The Headhunter has offices in Montenegro, Bosnia and Herzegovina, Albania, Macedonia, Kosovo, Greece, Serbia, Texas (USA).

Our Client is an international expert in online payments, handling transactions from any location in the world. Our Client continuously raises the online payment processing bar by instantly protecting personal buying data and providing expert around-the-clock support on behalf of over 30,000 internet businesses each day. In order to further strengthen their Serbian operations, we are searching for a devoted and proactive candidate for the position of:

  

Risk Compliance Analyst - Novi Sad

 

Overview:

Reporting to the Director of Information Security, the Risk and Compliance Analyst will play an instrumental role in maintaining our information security policies, standards, and procedures and working collaboratively with the entire organization to ensure that these documents are adhered to.

This key role will also ensure that our IT governance processes are properly designed and are functioning effectively and that the organization maintains its compliance with all applicable legal, regulatory, and contractual requirements. Finally, he/she will ensure that our company properly identifies, assesses, and manages its enterprise risks.

Key responsibilities:

• Maintaining CWIE’s information security and privacy related policies, standards, and procedures.
• Assessing corporate-wide compliance with CWIE’s policies and standards and taking action to remediate non-compliance.
• Ensuring that CWIE practices satisfy the requirements of the PCI-DSS, SOC1, SOC2 audits as well as all applicable federal, state, and local laws and regulations.
• Ensuring that our company is properly evaluating security risks through a risk assessment framework that assesses the potential impact of threats to the business and CWIE's vulnerability to these threats, and recommends controls to reduce risks to levels that align with the organization's risk tolerances and appetite.
• Working collaboratively with all departments to ensure that local practices are consistent with corporate information security policies and standards.
• Monitoring the legal and regulatory landscape to proactively address new information security and privacy-related requirements.
• Managing and coordinating business continuity planning and disaster recovery planning programs as well as periodic exercises and tests.
• Acting as a professional liaison to our auditors and consulting partners.
• Collecting information for customer due diligence requests and generating responses to customer due diligence questionnaires.
• Managing the vendor management / third-party service provider oversight program and conducting initial vendor due diligence as well as ongoing vendor reviews.
• Coordinating and documenting an annual enterprise risk assessment as well as ad hoc project risk assessments.
• Designing and deploying a company-wide security awareness program that is tailored to the needs of specific roles within the organization and is measurable and auditable.
• Managing our vulnerability management program by collecting vulnerability data, tracking the status of vulnerabilities, and reporting on vulnerabilities.
• Designing and implementing a program to collect and report information security related performance metrics and key risk indicators.

Key Skills:
• Experience with defining, revising, and implementing corporate information security policies.
• Experience with coordinating corporate-wide initiatives for obtaining security related assurances (e.g., ISO 27001, SSAE-16, etc.) including process control design and testing.
• Familiarity with federal and state legal regulatory requirements related to information security and privacy.
• Competency in the information security issues affecting financial service organizations and cloud-based application service providers.
• Understanding of the basic tenets of enterprise risk management (threat management, vulnerability management, and risk treatment).
• Experience in business continuity planning and vendor management is a plus.
• Bachelor’s degree in information security, information assurance, computer science, management information systems, computer information systems, or a related discipline.
• A professional designation (or one of similar stature) such as CISSP, CISA, CISM, CGEIT.
• Excellent organizational, interpersonal and communication skills.
• Ability to interface effectively with all levels of employees/management.
• Excellent verbal and written communication skills.

A competitive salary package and great benefits that include:
• Low-stress work environment
• Highly talented, professional and friendly team
• The ability to work with the latest cutting-edge technologies
• Paid introductory training
• Private health insurance
• Sports activities
• Fruit, coffee, tea, water, and soft drinks... all on the house.
• Bright, colorful offices in New Belgrade and city center of Novi Sad
• All benefits paid pursuant to relevant Serbian laws

 

If you believe that you are the right person for this position and you feel confident with the listed responsibilities and requirements, please send your CV to the following email address: m.popovic@theheadhunter.com or use the option KONKURIŠITE NA OGLAS ("Apply to the ad").

 

Try The HeadHunter for your success!

Entrust your career to the ONLY professionals!

Please be informed that only the candidates selected for the interviews shall be contacted. Name your CV in the following format (name [space] surname [space] CV). Be easily recognized!

This ad has expired and the employer no longer accepts applications through the portal.