Publier un stage
Détails de l'offre
Emploi > Emplois > Finance/Comptabilité > République Tchèque > Prague > Détails de l'offre 

IT Risk Analyst

Entreprise non montrée
République Tchèque  Prague, République Tchèque
Finance/Comptabilité, Anglais

Description du poste:

(COMPANY NAME) Europe Services (DES) in Prague is at the forefront of legal technology, providing innovative solutions to streamline operational processes. As an integral part of (COMPANY NAME), the world's largest law firm, our Prague-based team combines expertise with cutting-edge technology to deliver efficient and effective solutions for our internal legal teams.
At (COMPANY NAME) DES in Prague, we embrace a culture of collaboration and continuous improvement. Our team of professionals is dedicated to collaborating seamlessly to provide a wide range of services, including finance, IT, human resources, marketing, and more to support legal teams in managing large volumes of data, ensuring accuracy, and enhancing the overall legal process.
As an IT risk analyst, you will be responsible for ensuring the security of the company's information systems and data and organization's adherence to relevant information security policies, standards, and regulations. You will perform risk assessments, respond to customer inquiries, and monitor third-party suppliers. You will also collaborate with the Data Privacy Team, IT and business teams spread geographically across Europe to treat and mitigate risks by implementing and auditing security procedures and controls.
* Conduct risk assessments of the company's IT systems, processes, and data, and analyze efficiency of existing security controls, identify vulnerabilities and gaps in risk treatments.
* Respond to customer information security questionnaires and provide evidence of the company's security posture and compliance.
* Review client and suppliers' agreements in the parts pertaining to information security and ensure compliance with policies and regulations.
* Perform third-party supplier risk assessments and ensure that they meet the company's security standards and contractual obligations.
* Develop and update security policies, procedures, and guidelines and ensure they align with the company's objectives, clients, and regulatory requirements.
* Provide security awareness and training to the company's staff and stakeholders.
* Monitor and report on the company's security performance and compliance status and recommend corrective actions and improvements.
* Maintain documentation of compliance activities, including policies, procedures, risk assessments, and audit reports.
* Assist internal and external assessments and audits to ensure compliance with client requirements and industry-specific regulations such as GDPR, SOX, etc.
* Provide guidance and support to business practices on information security-related matters, including data classification, access control, etc.
* Research and stay updated on the latest laws and regulations, security trends, threats, and best practices.

(COMPANY NAME) is the world's largest law firm, delivering quality and value to clients around the globe. (COMPANY NAME) is a leader on the Acritas Global Elite Brand Index, a BTI Client Service 30 Award winner and recognized by prominent business and legal publications for its innovations in client service, including founding Nextlaw Labs and the Nextlaw Global Referral Network. (COMPANY NAME)' polycentric approach and world-class talent challenge the status quo to advance client interests in the communities in which we live and work

Profil requis du candidat:

* At least two years of experience in IT risk management, audit, or compliance focused role in information security.
* Knowledge of security frameworks, standards, and regulations, such as ISO 27001, NIST, GDPR, SOX etc.
* Knowledge of one or more risk management frameworks, knowledge of quantified risk management frameworks is preferred.
* Understanding of information security principles and practices, proficiency in information security tools and techniques with the ability to identify and mitigate security risks.
* Strong analytical, problem-solving, and decision-making skills.
* Excellent communication and interpersonal skills, ability to convey complex information security and risk concepts to non-technical audiences.
* Ability to work independently and collaboratively in a challenging fast-paced and dynamic environment.
* Certifications such as CISSP, CISA, CRISC are a plus, but not required

Origine: Site web de l'entreprise
Publié: 23 Avr 2024
Secteur: Légal
Langues: Anglais
114.523 emplois et stages
dans 151 pays