Можливість для людей з України
Ľutujeme, spoločnosť ponúkajúca danú pracovnú pozíciu ukončila zverejnenie ponuky na stránke.
Ďakujeme za porozumenie.
Zobraziť podobné ponuky
Ďakujeme za porozumenie.
Zobraziť podobné ponuky
Third Party Cyber Risk Manager
Place of work
Mlynské nivy 12, Bratislava, Slovakia (Job with occasional home office)
Mlynské nivy 12, Bratislava, Slovakia (Job with occasional home office)
Contract type
full-time
full-time
Wage (gross)
From 2 500 EUR/monthMinimum base salary for this job from 2500 EUR gross/month/full time. Our final offer to you will be set up fairly, considering the skills and experience that you bring to the Swiss Re Group. You can look forward to extra rewards and benefits including an attractive performance-based bonus.
From 2 500 EUR/monthMinimum base salary for this job from 2500 EUR gross/month/full time. Our final offer to you will be set up fairly, considering the skills and experience that you bring to the Swiss Re Group. You can look forward to extra rewards and benefits including an attractive performance-based bonus.
Information about the position
Job description, responsibilities and duties
Are you passionate about Cyber and Cyber security? Or rather risk assessment and its mitigation? Would you like to work in international environment, where we value your knowledge, domain expertise and proactive execution? If yes, join our team and make the world more resilient by reducing cyber risks for us and our partners.
You will be a part of the Third Party Cyber Risk Management security service. The mission is to reduce the supply chain cyber attack surface and make thus Swiss Re more resilient.
How we achieve that? We:
- identify third parties that represent potential cyber risk for Swiss Re,
- assess their cyber maturity, posture and compliance with security best-practice-standards, specific internal requirements, regulatory obligations to understand the cyber risk exposure,
- propose and address the remediation actions and coordinate the risk mitigation activities,
- make the risk transparent to risk takers and stakeholders to support their risk mitigation/risk acceptance decisions.
You will cooperate with the service recipients across the whole organization, will build up partnerships and interpret them the risks that third party service introduces. You will act as an enabler and coordinator between the stakeholders and the assessment team. Your responsibilities will be assessment of third-party risk at the time of due diligence / onboarding, during the time providing service and prior the termination. You will get insights into many companies all around the world and learn about different approaches to handle cyber risks.
This important role requires deep domain expertise as you have to raise relevant concerns regarding the control framework of a third party and to express the related risks from a business point of view, and in business terms. You collaborate directly with the assessed third parties to develop an action plan to mitigate risks. For this role, you should be able to outline the risks identified, expectations and recommendations to third parties, explain how to improve the control environment and supervise observations through to resolution.
About the Team
You will be a member of Security Services within CSO organization. The Chief Security Officer (CSO) is Swiss Re's central point for security activities, formulates Swiss Re's group-wide security vision and strategy. If you want to contribute directly to Swiss Re's cyber security initiatives, and work together with internal and external stakeholders to improve cyber security, and make cyber risks transparent? Don’t hesitate - this is the role for you.
You will be a part of the Third Party Cyber Risk Management security service. The mission is to reduce the supply chain cyber attack surface and make thus Swiss Re more resilient.
How we achieve that? We:
- identify third parties that represent potential cyber risk for Swiss Re,
- assess their cyber maturity, posture and compliance with security best-practice-standards, specific internal requirements, regulatory obligations to understand the cyber risk exposure,
- propose and address the remediation actions and coordinate the risk mitigation activities,
- make the risk transparent to risk takers and stakeholders to support their risk mitigation/risk acceptance decisions.
You will cooperate with the service recipients across the whole organization, will build up partnerships and interpret them the risks that third party service introduces. You will act as an enabler and coordinator between the stakeholders and the assessment team. Your responsibilities will be assessment of third-party risk at the time of due diligence / onboarding, during the time providing service and prior the termination. You will get insights into many companies all around the world and learn about different approaches to handle cyber risks.
This important role requires deep domain expertise as you have to raise relevant concerns regarding the control framework of a third party and to express the related risks from a business point of view, and in business terms. You collaborate directly with the assessed third parties to develop an action plan to mitigate risks. For this role, you should be able to outline the risks identified, expectations and recommendations to third parties, explain how to improve the control environment and supervise observations through to resolution.
About the Team
You will be a member of Security Services within CSO organization. The Chief Security Officer (CSO) is Swiss Re's central point for security activities, formulates Swiss Re's group-wide security vision and strategy. If you want to contribute directly to Swiss Re's cyber security initiatives, and work together with internal and external stakeholders to improve cyber security, and make cyber risks transparent? Don’t hesitate - this is the role for you.
Requirements for the employee
Candidates with education suit the position
Secondary with school-leaving examination
Follow-up/Higher Professional Education
University education (Bachelor's degree)
University education (Master's degree)
Postgraduate (Doctorate)
Follow-up/Higher Professional Education
University education (Bachelor's degree)
University education (Master's degree)
Postgraduate (Doctorate)
Language skills
English - Upper intermediate (B2)
Personality requirements and skills
· Previous experience in some of these fields:
- Internal/External IT/Security Audit,
- Information Security Management System,
- Cyber Risk Assessments/Management,
- Cyber Risk Quantification,
- Governance and Security Frameworks,
- Risk Management Frameworks,
- Cyber Security Consultancy,
- Privacy & Data Protection,
· Deep knowledge of information security on a technical as well as a security management level
· Knowledge of ISO 2700x / 31000 NIST SP 800-53 / ISAE 3000 / SOC 2 standards and reports
· Experiences in Cyber Risk Quantification – FAIR methodology, or risk management frameworks (ISO 31000)
· Ability to describe cyber related risks and controls, bring them into the business context and communicate effectively at all levels of the organization
· Good to excellent command of English
· Willing to deepen and share your expertise, communicate with stakeholders and bring innovative ideas.
- Internal/External IT/Security Audit,
- Information Security Management System,
- Cyber Risk Assessments/Management,
- Cyber Risk Quantification,
- Governance and Security Frameworks,
- Risk Management Frameworks,
- Cyber Security Consultancy,
- Privacy & Data Protection,
· Deep knowledge of information security on a technical as well as a security management level
· Knowledge of ISO 2700x / 31000 NIST SP 800-53 / ISAE 3000 / SOC 2 standards and reports
· Experiences in Cyber Risk Quantification – FAIR methodology, or risk management frameworks (ISO 31000)
· Ability to describe cyber related risks and controls, bring them into the business context and communicate effectively at all levels of the organization
· Good to excellent command of English
· Willing to deepen and share your expertise, communicate with stakeholders and bring innovative ideas.
Advertiser
Brief description of the company
As the world's leading and most diversified global reinsurer, we offer as our core business financial services products that enable risk taking essential to enterprise and progress. Our company was founded in Zurich, Switzerland in 1863, and operates in more than 25 countries and provides its expertise and services to clients throughout the world. We combine financial strengths with experience, knowledge and creative thought to explore new opportunities in the interests of our clients, staff and shareholders.
Number of employees
1700 and more employees
Company address
Contact
Contact person: Denisa Bastos
ID: 4322126
Dátum zverejnenia: 6.6.2022
2022-06-06
lokalita: Bratislava Pozícia: IT Analyst, IT Network Administrator, IT Security Specialist, IT System Administrator, Risk Manager Spoločnosť: Swiss Re
Základná zložka mzdy (brutto): 2 500 EUR/month