Application Risk Analyst (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Application Risk Analyst (Cybersecurity): Conducting technical application and third-party risk assessments to identify vulnerabilities and ensure regulatory compliance across global gaming units with an accent on threat modeling and security policy alignment. Focus on collaborating with agile product teams to implement mitigating controls and liaising with auditors for standards like SOC-2, ISO 27001, and PCI DSS.
Location: Krakow, Poland. Must be authorized to work in Poland without visa sponsorship.
Company
is a world leader in gaming content and technology, dedicated to bringing joy through play while maintaining high standards of governance and sustainability.
What you will do
- Conduct technical application and third-party risk assessments to identify cyber vulnerabilities and regulatory threats.
- Collaborate with agile product teams to implement technical controls aligned with GIS policies.
- Prepare detailed assessment reports and threat models for business unit owners.
- Develop and implement risk exception plans in partnership with GIS and business units.
- Liaise with internal and external auditors to provide evidence for compliance with international standards.
- Mentor teams on product security and update internal security policies and standards.
Requirements
- 5+ years of experience in information security.
- Must be authorized to work in Poland without visa sponsorship.
- Strong analytical and critical thinking skills with effective communication abilities.
- Familiarity with industry frameworks such as NIST CSF, ISO 27001, and PCI DSS.
- Relevant degree in a related field.
Nice to have
- IT Audit, Internal Audit, or cyber advisory experience.
- Certifications such as CISSP, CCSP, CISM, CISA, CompTIA Security+, or GIAC.
Culture & Benefits
- Opportunity to work for a world leader in gaming entertainment.
- Robust benefits package.
- Global career development opportunities.
- Inclusive and collaborative work environment focused on shared values.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →