We are one of the largest staffing companies in the world, operating in 60 countries, and we have been active on the Czech market since 1992. Looking for a job? Adecco will help and advise you.

Risk, Security & Compliance Manager – EEMENA

Reporting to: Head of IT – EEMENA
Location: Prague
1. Job Purpose

• Support the EEMENA Head of IT in ensuring the Confidentiality, Integrity and Availability of the Adecco Group Information Assets within the respective area(s).
• Implement and continuously improve an effective and efficient Information Security Management System in line with Group IT Security Strategy, Policies and Standards within the EEMENA Organization.
• Ensure that operational, legal, regulatory and security risks are assessed and mitigated with effective controls in accordance with the business requirements and Enterprise Architecture.
• Publicize the Adecco IT Policy framework standards to all business and IT users of the EEMENA Region to ensure all projects in scope are delivered in conformance with Group Standards.
• Monitor and manage all security incidents, lead investigations on behalf of the IT Leaders and take remedial actions to prevent recurrence wherever possible.

2. Main Stakeholders

• Global IT head of Security Risk and Compliance
• Regional IT Security and Compliance
• EEMENA IT Head
• Internal & External Audit
• Legal
3. Measured on
• Achievement of Security, Risk and Compliance SLA Targets
• Number and impact of risk and security issues
• Team satisfaction (GPTW)
• Number of security vulnerabilities or non-conformities raised for EEMENA applications/systems

4. Main tasks & responsibilities

• Support the Global Head of Information Security, Risk and Compliance and EEMENA Head of IT in the implementation of the Group Information Security Strategy in EEMENA.

• Review and evaluate IT procedures and controls concerning Information Security at an EEMENA level.

• Ensure ICOFR, RIM, Group Policy and self-assessment exercises are carried out in a timely fashion and in line with Group expectations.

• Communicate and publicize the Adecco IT Policy framework and work with the Governance, Risk and Compliance Director to ensure users are educated and trained in all aspects of the Policy framework

• Liaise with the Assurance functions (GIA, Group IT Assurance, External Auditor)

• Make sure all audit actions (internal and external) have a named owner and remediation plan; ensure agreed actions are delivered in line with agreed dates.

• Assess current levels of risk within the EEMENA IT environment on an ongoing basis. Ensure all identified security risks are managed through their life cycle from identification to closure, and provide appropriate visibility of them to management.

• Ensure security testing is carried out for EEMENA Important Assets and that reported findings are followed up and addressed in a timely manner

• Ensure that project teams and delivery teams deploy products/systems/applications in line with Security Architecture Requirements and Standards

• Provide concise, relevant and informative reports to the Global Head of Information Security, Risk & Compliance and Head of IT Northern Europe on the status of security and risks within the IT environment

• Monitor & manage all security incidents & breaches and take remedial actions to prevent recurrence wherever possible

• Lead investigations in coordination with the GSOC (Global Security Operations Centre) in the respective functional area, on behalf of business and IT Leadership Team, for breach of Information Security Policies and standards or security compromise.

• Be the recognized expert in the field of Information Security within EEMENA and keep abreast of local regulations and requirements related to information security, such as Data Privacy Laws

• Ensure Group Information Security Awareness Initiatives and end-user training are deployed

5. People, Resource management responsibilities & Decision Power
• Line Manager of assigned resources
• Define security and compliance guidelines across EEMENA
• Define KPIs related to Risk management

6. Minimum requirements & Personal attributes
Education and certifications/training:
• University degree preferably in a technical subject or any comparable education
• CISSP, CISA, CISM or similar certification preferred
• Professional experience in running the information security office analysing and applying information security, risk management, and privacy practices

Professional & Leadership experience:
• 5 years of experience in a similar position within a Global Organization
• Professional experience in running the information security office analysing and applying information security, risk management, and privacy practices
• Demonstrable knowledge of key IT Security and Risk Management frameworks (such as COBIT, RiskIT, ISO 17799, ISO 27001)
• Demonstrated experience and exposure in the international security arena dealing with security-related issues
• Knowledge of IT Security and Risk Management and international regulatory compliance requirements and frameworks (such as COBIT, Risk IT, ISO 2700X, SOX, NIST)
• Big 4 or HR industry background is desirable.

Personal attributes:
• Strong team player
• Ability to build proactive, cooperative working relationships with customers, peers and key stakeholders based on respect and teamwork
• Good ability to convince and influence stakeholders from all backgrounds.
• Experience with and sensitivity for different cultures
• Ability to act under strong pressure and to manage crisis situations efficiently
• Good at leadership: inspiring, encouraging and providing constructive criticism to help improve the performance of colleagues
• Able to evaluate information, identify key issues and formulate conclusions based on sound, practical judgment, experience and common sense
• Willingness and ability to travel

Language requirements:
• Good to excellent command of English
• Any additional language is a plus

“We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.”

Position information

Place of work

Pikrtova 1737/1a, 140 00  Praha-Nusle, Czech Republic

Type of employment

Full-time

Type of contract

Employment contract

Duration of employment

Indefinite term

Required education

Bachelor's degree

Required languages

English (excellent), Czech (basic), French (basic)

Advertiser

ADECCO spol.s r.o.

Contact

ADECCO spol.s r.o.
Katrin Jeggle
Phone: 00420734444968
