Information Security Manager

WROCŁAW

Job description

As a market-leading credit management company, Intrum has wide-ranging expertise in debt collection services, and we do business in 25 countries in Europe. We have two service lines Credit Management Services and Portfolio Investment. The Portfolio Investment unit invested in over €1bn of Non-Performing Loans (NPLs) the past 12 months, making us on of the world’s largest investors in NPLs.

The Group Information Security Manager defines and maintains the group’s strategy and practices for continuous monitoring of information security within local and group units. The Information Security Manager is responsible for monitoring group-wide compliance with group information security policies, adherence to industry best practices and the efficiency of implemented security controls. The information security manager is a trusted adviser for internal and external stakeholders for information security matters. This role requires a technical background with a strong focus on IT security, as well as security management experience in enterprise environment. The Information Security Manager reports to the CISO, and works closely with local information security officers.

Key tasks / responsibilities:

  • Plan and manage a coordinated enterprise-level security monitoring program that effectively identifies reviews, analyzes, communicates, and tracks security control deficiencies
  • Monitor and, when needed, coordinate security incident response activities for major local or group wide security incidents
  • Advise various stakeholders as an IT Security subject matter expert about risk and risk mitigation
  • Monitor and drive improvement processes across the group together with system/application owners, 3rd party managed services providers and information security officers across the group
  • Plan and coordinate external security audits and follow up findings with group and local action owners
  • Support the design of an IT Security roadmap based on industry standards and best practices
  • Work proactively with internal and external IT organizations with respect to strategic and tactical plans for information security, and regarding major system changes, to ensure information security standards and risks are addressed early in a major change/project
  • Conduct risk assessments on internal and external vendors and systems/application as part of the group’s vendor risk assessment program
  • Member of the Group Information Security team, participating in security monitoring, risk and compliance management for IT and information security
  • Co-operate with colleagues in Group Risk and Compliance to ensure aligned approach and input to operational risk monitoring and reporting, including information security risks
  • Educate and inform stakeholders of information security related responsibilities and risks

 

We expect you to have:

  • 3-5 years experience in an information security related function in an enterprise environment. Experience in an information security officer / manager or similar role is a preference
  • Working experience in two or more of these subjects:
    • risk management
    • vulnerability management
    • threat intelligence
    • ethical hacking
    • penetration testing / red & blue team testing
    • security testing of applications
    • internal or external IT security audits
    • security in the SDLC
    • Identity and Access Management
  • A broad conceptual understanding of IT systems, networks and application security
  • Familiarity with at least one of the following security standards ISO27001/27002, NIST-CF, Cobit, PCI-DSS or similar
  • Good communication skills, oral and written. Most business communication (meetings, presentations) are in English
  • Experience with and/or understanding of Mergers, Acquisitions, or Divestments
  • CISM or CRISC or CISSP or other security certifications or in progress for obtaining one is preferred
  • Familiarity with ITIL processes

 

We expect you to be:

  • A quick learner, extremely accurate and highly numerate
  • Able to work in a team and cooperate with others, but able to work individually as well
  • Able to work  in independent role, without direct supervision
  • Prepared for a cross border cooperation
  • Result orientated
  • Willing to travel, as limited travel is expected
  • Self-motivated, enthusiastic and keen to learn and develop yourself

 

We offer:

  • Ability to define and shape information security program on group level
  • Work in divested environment, spanning whole Europe, with Offshore subsidiaries
  • Clear work hours and perfect work-life balance
  • Interesting challenges
  • Competitive renumeration and training packages
  • Private healthcare & social benefits

 

Jesteś zainteresowany / zainteresowana?

Czekamy na Twoje zgłoszenie: Rekrutacja.pl@intrum.com

Prosimy o zamieszczenie w CV następującej klauzuli zgody: Wyrażam zgodę na przetwarzanie moich danych osobowych, których podanie jest dobrowolne, w celu przystąpienia do procesu rekrutacyjnego, do którego przystępuję, wyrażając niniejszą zgodę, oraz w zakresie, o którym mowa w obowiązku informacyjnym dołączonym do ogłoszenia rekrutacyjnego.

Informujemy, że aplikacje nie zawierające ww. klauzuli zgody nie będą rozpatrywane, a dane osobowe zostaną usunięte.

Koniecznie zapoznaj się z polityką prywatności dla kandydatów do pracy w Intrum.