Beschreibung
Aufgaben:·Keeping risk treatment plans within clients risk appetite
·Managing risks within predefined SLAs
·Monthly reporting of risk status and escalations
·Execution of asset risk assessments per predefined yearly plan
·Integration of asset based risks into IT Application Roadmap
Must-Have-Skills:
·Minimum 8 years of relevant experience in IT Security Minimum 4 years of experience in IT governance, risk, and compliance
·Deep understanding of IT audit, compliance, risk management methodologies, business risk analysis and making complex business/risk trade-off recommendations and decisions
·Strong Knowledge of regulatory standards such as SOX, PCI, Data Protection, etc.
·Knowledge in IT and security management frameworks such as COBIT, ITIL, NIST, ISO, and more
·Experience in policy and security requirements development pertaining to IT security in large organizations
·Experience with risk assessments and security requirements for vendors and third-parties
·Security fundamentals with a solid understanding of security concepts, threats, vulnerabilities, risks, defenses, security principles and policies
·Experience with standards development, implementation and compliance initiatives (e.g., ISO , PCI, SOC)
Start: asap
Dauer: 30.09.2022 mit Option
Einsatzort: München und remote
Branche: Telekommunikation
Auslastung: 100%