Welcome to the team:
GRC Process Management Specialist (m/f/diverse)

  • Function: Information Technology
  • Location: Praha

We are looking for a motivated and skilled GRC Process Management Specialist (GRC = Governance, Risk and Compliance) to join our team. In this role, you will play a key part in controlling and continuously optimizing ICT GRC management as part of the 2nd Line of Defence (LoD) and supporting the 1st LoD via the Information Security Organization. You will also contribute to the standardization of methods and processes to ensure effective and efficient ICT risk management across the Group. 

Your tasks

  • Control and continuously optimize ICT GRC management as part of the 2nd LoD, including supporting the 1st LoD through the Information Security Organization and controlling the information security management process.
  • Develop and maintain standardized models, methods, and processes for ICT GRC risk management, including security monitoring and integration into regulatory frameworks (e.g., ISPF/ISCF).
  • Further develop and implement an Information Security Management System (ISMS) in accordance with ISO 27001 standards, including maintaining the associated process model.
  • Maintain and further develop suitable metrics and indicators as well as overarching ICT GRC risk indicators.
  • Maintain and advance the specifications and GRC processes of the 1st LoD, including all aspects of the Security Analysis Management Process (SecAM) and ensuring their implementation in technological platforms (e.g., ComRAM).
  • Support the 1st LoD in ICT risk management through collaboration with the security organization.
  • Maintain and enhance communication channels, ensuring target group-oriented communication and reporting, particularly within the Group-wide security organization and established safety committees.
  • Identify risk-related hot spot topics and develop actionable recommendations to control and mitigate ICT risks.
  • Optimize and improve processes, methods, and procedures for targeted and effective risk management in your area of responsibility.
  • Act as a knowledge multiplier in your area of expertise and support the transfer of expertise within the team based on needs and tasks.

Your profile

  • Education: A university or university of applied sciences degree (Master’s degree) in (business) informatics, (business) mathematics, natural sciences, or another field focused on information technology.
  • Alternatively: Technical or commercial vocational training in the banking/finance sector or in information technology (e.g., IT specialist, system programmer) combined with several years of professional experience in cyber and information security.

Additional Requirements and Expectations:

  • Support the analysis of international standards for ICT risk and resilience management.
  • Assist in maintaining, further developing, and implementing controls as part of the 2nd LoD.
  • Help maintain and improve standardized models, methods, and metrics for security management.
  • Provide support for specifications and processes within the 1st LoD ICT Risk Management.
  • Assist with risk-related hot spot topics and comprehensive reporting for GRM-ICT RRM.
  • Actively contribute to security support efforts in collaboration with the Information Security Organization.

Our Benefits

  • 30 days of vacation
  • Employer-funded pension
  • Flexible work
  • Employee conditions
  • Digital learning
  • Diversity
  • Family & job friendly
  • Friendly work environment
  • Inspiring company culture
  • Work-life balance


The company

At the Commerzbank Digital Technology Center Prague, we are transforming a traditional bank into a digital agile enterprise. We provide a wide range of IT solutions, .NET and Java development, and services in the area of application operation and infrastructure.
We are looking for thinkers with unconventional ideas, and in return we offer the freedom to create your own job with your own vision, a wide range of benefits including home office, great learning opportunities, work-life balance, stability and family support. Sounds interesting?
Shape the future of banking with us! 

Contact

In case of interest, please apply via this job portal.