Corporate IT Security & Risk Oversight Owner (ISO Corporate IT, 2nd Line of Defense)
Tasks
- Align IT security governance with management systems
- Assess BCM control effectiveness and coordinate BCM tests
- Assess security and risk implications for IT architectures
- Conduct security assessments for AI tools
- Contribute to GRC reporting and management reviews
- Coordinate audit evidence and auditor inquiry handling
- Escalate material risks, control deficiencies, and compliance gaps
- Execute control effectiveness monitoring
- Maintain GRC and security documentation
- Maintain corporate IT systems security classifications
- Maintain information security process descriptions
- Oversee business continuity management for corporate IT
- Perform risk-based internal audits
- Provide information security risk oversight
- Review and validate customer security questionnaires
- Review business impact analyses and continuity measures
- Support customer due diligence and assurance requests
- Support data protection assessments and audits for IT systems
- Support third-party risk management
- Track audit findings and remediation follow-up
Perks/Benefits
- Birthday leave
- Christmas bonus
- Corporate discounts
- Dental insurance
- Food vouchers
- Health insurance
- Hybrid work model
- Internal training
- LinkedIn Learning access
- Professional conferences
- Referral bonus
- Sports plan
- Team events
- Transport and internet expense coverage
Skills/Tech-stack
Audit evidence | BCM | Business Continuity | Business Continuity Management | Continuity management | Control effectiveness | Customer Due Diligence | Data Privacy | Data Protection | Due Diligence | ERM | Enterprise Risk | Enterprise Risk Management | GRC | Governance Risk | Governance risk compliance | ISMS | ISO 22301 | ISO 27001 | Information Security Management | Information Security Management System | Information security | Information security risk | Internal Audit | Management System | Questionnaire Review | Risk Based Auditing | Risk Management | Risk compliance | Risk-based | SOC 1 | SOC 2 | Security Management System | Security Questionnaire | Security Questionnaire Review | Security Risk | TISAX | TPRM | Third Party | Third-Party Risk | Third-party risk management
Education
Bachelor of Engineering | Bachelor of Science | Master of Science