Cybersecurity Control Design and Oversight Analyst

Job Title: Cybersecurity Control Design & Oversight Analyst

Location: Kraków

Contract Type: B2B 

Working Time: Full-time

Technologies We Use:

Required:

• Confluence
• JIRA
• IBM OpenPages

Optional:

• GRC Tools
• Industry certifications in Risk/Technology/Security

ABOUT THE PROJECT

Although the role is based in Kraków, Poland, it has a global scope, focusing on Global Cybersecurity Controls applicable across all countries and legal entities.

As a Cybersecurity Control Design and Oversight Analyst, you will support the ongoing maintenance and development of the Cybersecurity control environment. The responsibilities include defining and maintaining operational control instances, their attributes, control measurements, and requirements for the Group Cybersecurity function.

YOUR RESPONSIBILITIES:

• Engage with various stakeholders (e.g., Control Owners and 2LoD) to ensure Cybersecurity controls are designed and operated in accordance with the Bank’s requirements and industry standards (e.g., NIST 800-53).
• Define control measurements in line with Bank’s KCI Design Framework and industry best practices (e.g., CIS).
• Ensure that Cybersecurity controls comply with legal and regulatory requirements and that control measurements provide meaningful insights for management reporting.

SKILLS & EXPERIENCE WE REQUIRE:

Experience with Risk and Control Frameworks:

• Expertise in Control Management, including control design and implementation.
• Understanding of inherent and residual risk concepts.
• Ability to translate complex IT concepts into business-friendly language.
• Experience with Cybersecurity risks and controls.

Technical Background:

• Knowledge of Information Technology (generalist knowledge is acceptable, specialist expertise is a plus).
• Understanding of metrics and measures for risk and control management (KCIs, KRIs, KPIs).
• Strong writing skills and proficient use of written English.
• Experience with MS Office and MS Teams.

Stakeholder Management and Communication:

• Experience working in an international environment.
• Managing stakeholders, including Cybersecurity leadership, 2LoD Resilience Risk teams, and staff.

Teamwork and Independence:

• Experience in fast-paced, complex corporate environments where IT and security issues are handled on a large scale.
• Ability to multitask effectively while navigating ambiguity and change.

NICE TO HAVE:

• Familiarity with IT industry best practices and frameworks.
• Experience with GRC Tools.
• Industry certifications in Risk, Technology, or Security.

WHAT WE OFFER:

• A key role in the 1st Line of Defense, contributing to the development of a modern, data-driven control environment that enhances the Technology and Business functions’ understanding of risk exposure and the effectiveness of protective measures deployed by Bank Cybersecurity.
• Opportunities to collaborate across the Cybersecurity function and beyond, exchanging knowledge, learning, and growing professionally.
• Multiple development opportunities within the core team and across other functions in the organization.

Interested? Apply now and join our global team, working on innovative Cybersecurity solutions!

To learn more about Antal, please visit www.antal.pl