Najnowsze oferty pracy:

  • Analytical problem solving engineer [rekrutacja online]


    Localization: Wrocław About the project The BTS OAM (Operation, Administration and Maintenance) Business Unit delivers the unified Operability & Management...

  • Product Manager [rekrutacja online]


    Localization: Wrocław About the project The Product Manager is accountable for the complete product lifecycle of products / application, from conception and...

  • Pakowacz towaru (magazyn spożywczy i kosmetyczny)

     MGsolutions MGJJ Sp. z o. o. Sp. k.

    Miejsce pracy: Niemcy (Hannover, Bremen, Magdeburg) Opis pracy: Proste prace pomocnicze na magazynie z artykułami spożywczymi lub kosmetycznymi Pakowanie /...

  • Pracownik produkcji z językiem niemieckim

     MGsolutions MGJJ Sp. z o. o. Sp. k.

    Miejsce pracy: Niemcy OPIS PRACY: Proste i powtarzalne prace na produkcji w Niemczech (branża automotive lub spożywcza) Układanie i pakowanie komponentów...

  • Senior Data Warehouse Specialist

     Be | Shaping the Future Poland

    Remote Poland Role: Data Warehouse Specialist will support investment bank project team in analyzing business needs in terms of reporting and data inquiries...

Więcej ofert pracy


Praca świętokrzyskie  /  Oferty pracy  /  Cyber Assurance Manager (Cyber Risk)

Praca: Cyber Assurance Manager (Cyber Risk)

Avenga is a global IT and digital transformation champion. We deliver strategy, customer experience, solution engineering, managed services, software products and outsourcing services like: staff augmentation, team leasing and permanent employment.Together, we are more than 2500 professionals with over 20 years of experience. We are present in Europe, Asia and the USA.
Cyber Assurance Manager (Cyber Risk)
Miejsce pracy: woj. świętokrzyskie
Nr ref.: LP/CAM(CR)/POZ/05

The primary purpose of this position is to partner with the business and global support functions to embed the concept of “secure by design” by influencing projects and operations to implement proportionate cyber security coverage throughout the development Lifecyle.

This is more on the design and SME support rather than ‘run’

This is achieved by acting as a cyber security focal point for the business, acting as a conduit to other security teams (such as Cyber Security Operations, Governance Risk and Compliance and Architecture and Engineering) as required to meet business needs.


Job description:

  • To identify, document and report business cyber risks to senior stakeholders and positively influence the cyber security posture
  • Provide high level SME support and guidance in identifying and managing risks in all cores of cyber security like data, application, cloud, IAM etc.
  • Formally assess and evaluate cyber security risks related to business projects, determine the potential impact of those risks, and conduct follow-up on any necessary remediation efforts. Ensure that IT solutions and business processes comply with GSK’s policies, controls and applicable legal and regulatory requirements whilst also ensuring that business objectives are met
  • Collaborate with internal third-party relationship owners and third-party representatives to recommend necessary security and privacy controls to effectively mitigate risks to GSK
  • Evangelize third-party risk management processes across business lines to help influence a strong culture of proactive awareness for third-party security risks
  • To guide business owners and relevant stakeholders throughout the entire delivery lifecycle ensuring that information security is considered in a proportionate and tailored way
  • To carry out expert security assessments in supporting the business and global support functions utilising a thorough understanding of pharma and effectively create/monitor delivery of the remediation plans on identified risks and support on all levels within the business.
  • To partner effectively with the business, GRC and the wider Tech Security/Risk teams to eliminate overlaps and provide a holistic and consistent cyber security position including key initiatives such as cyber incidents and resilience.
  • To ensure consistent and continual alignment to the business and TSR strategy through oversight of the Cyber Risk Management framework, activities and processes including all aspects of the metrics/reporting.
  • To contribute to the development of global cyber security baselines, guidelines, standards, policies and procedures
  • Ability to support multiple teams to conduct threat modelling exercises for applications on an ongoing basis and embed strong cyber controls around data governance within business processes
  • Maintain current knowledge of cyber risk management requirements and accreditation standards and monitor changes in technology impacting security & risk posture.
  • To serve as a coach and mentor to peers and engage in upskilling activities for the overall team
  • Identifying and implementing automation initiatives like control testing to enhance the delivery time and improve efficiency
  • Identify and implement areas of duplication and propose ways of eliminating duplication to bring cost effectiveness and efficiency
  • Partner with outsourced third-party provider in effectively providing a cyber risk service reducing response times and improving on integration and automation

This role will engage with senior business stakeholders and requires a clear understanding of business imperatives in order to build commensurate cyber security controls. Knowledge of such controls needs to be at an expert level.

This is a global role, across multiple business functions and will require the ability to understand business strategy and influence stakeholders to embed cyber risk mitigation into those strategies and also into operations.

This role will interact with senior roles across the business and global support functions. It requires the ability to influence and also to bring in both internal and external benchmark information.

This role will interact across all geographies that the client operates within. It will also require interaction outside the client with groups such as regulators.

This role has direct influence on the cyber security posture of the business. It will directly influence the delivery of business objectives and interoperate with senior stakeholders.

Salary: 140-180 PLN per hour (B2B)


  • 10+ years of cyber security experience Business engagement
  • Experience and knowledge across different frameworks and standards such as ISO 27001, NIST, CIS etc.
  • Demonstrated experience and understanding of cyber security principles, IT security controls, and related technologies and products
  • Experience in working with outsourced providers and bringing positive changes to the organisation by working in partnership
  • Prior experience in conducting cyber Security risk assessments and 3rd party security and data privacy assessments
  • Stakeholder/ internal business management experience
  • Strong verbal/written communication in English, with the ability to effectively interact with professionals at all levels of responsibility and authority
  • Ability to prioritize, delegate, and foster the development of high-performance teams to lead/support an environment driven by customer service and teamwork
  • Work with virtual teams located in different countries around the world, aligning and adapting different work, culture and communication styles.
  • Exposure to any GRC technologies to conduct cyber risk management
Please include in your application the following consent:I agree to the processing of my personal data provided by me, not mentioned in art. 221 § 1 of the Labor Code, or other specific provisions applicable pursuant to art. 221 § 4 of the Polish Labour Code, in order to recruit by the Administrator - Avenga IT Professionals Sp. z o.o. with registered office in Wrocław, ul. Gwiaździsta 66, 53-413 Wrocław, for the position Cyber Assurance Manager (Cyber Risk).

Zobacz podobne oferty