19 feb
Importante empresa
Cajamarca
(Y426) It Business Analyst Luxoft Poland Sp. Z O.O. Cajamarca Permanente Tiempo completo Hace 2 días Postúlese fácilmente:
All stages in our recruitment process can be done remotely:
IT Business Analyst Location:
Remote PolandPROJECT DESCRIPTION This role is within the 1st Line of Defence and will play a key role in the development of new, data driven control environment that will provide the Business with better understanding of their exposure to risk and effectiveness of protective measures deployed by HSBC Cybersecurity.
The role holder will be part of the team of experts working closely with the Control Owners and provide technical expertise in monitoring the overall controls environment and providing controls assessment of all Cybersecurity controls. They will also be part of Cybersecurity Risk and Controls Strategy (CRCS) Team and will be responsible for providing an overall guidance and ensuring that the Control Continuous Monitoring (CCM) Team deliverables supports other CRCS activities. This work will require the role holder to adhere to all applicable HSBC policies and a range of local regulations in the markets the firm does business.Objectives of the role:
The Cybersecurity CCM Business Analyst will play a key role in the defining, designing and maintenance of the control environment for Cybersecurity. The role holder will be tasked with providing day:
to:
the Team will support Control Owners in self:
assessment of the existing control environment using the dedicated risk management tools (HELIOS, CCM Archer). The Team will perform spot checks on controls assessments on monthly basis in order to keep the high quality of assessment executions and verify if these are following the guidelines and industry best practices.
Establishing guidelines for CCM and support Control Owners and Control Operators in implementing them into their work. Cybersecurity Control Maturity Assessment:
the Team will maintain and refresh the mapping of HSBC controls to the NIST FSS framework, support Control Owners in reviewing controls maturity scoring, preparing maturity forecasts and collecting required evidence. The Team will work closely with 3rd Party engaged in independent assessment of the Banks cybersecurity control environment maturity. Cybersecurity controls issue monitoring:
the Team will take part in the triage of newly identified issues, findings (self:
identified, audit, regulatory, red team findings)
and other trigger events to estimate their impact on the current control effectiveness and take necessary actions to address them; Support Control Owners in drafting issues and Management Action Plans (MAPs) to address the gap and mitigate the emerging risk; Cybersecurity Control Instances Review :
Muestra tus habilidades a la empresa, rellenar el formulario y deja un toque personal en la carta, ayudará el reclutador en la elección del candidato.