Job Type : Permanent
Contractual Legal Entity : BAT Poland
Application deadline : 04.06.2020
IDT Compliance Associate Manager
CISO / Governance, Risk and Compliance Team
As IT Compliance Associate Manager, you will ensure proper oversight of and compliance against the internal IT standards as well as legal and regulatory policies with which the organization is required to comply.
This role will form part of a team responsible for defining, implementing and maintaining the approach for IT compliance including periodic assessments, reporting and governance.
KEY RESPONSIBILITIES :
Assist in the development, implementation, monitoring and reporting of the IT compliance framework.
Run periodic assessments for compliance against the IT standards.
Perform compliance reviews of IT systems, services and processes (including 3rd parties), to identify non-compliance risk, weaknesses in controls and opportunities to enhance operational efficiencies.
Assist in the development, implementation and monitoring of reporting mechanisms for IT compliance, to support governance and highlight areas of exposure.
Assist in the execution of vendor compliance reviews, including the assessment and treatment for risks that may result from partners, consultants and other service providers.
Business & IT stakeholders
Wider IT & Security / CISO Team
IT & Security Governance Committee / Forums
Risk and Audit Committees
External auditors & 3rd Party Vendors
SKILLS AND ATTRIBUTES
Qualifications and experiences
University degree in technology or a related discipline
Professional certification in IT and Security preferred e.g. CISA or CISM
3 or more years of progressive information security, IT
Experience in the GRC area and in IT compliance / audit will be highly beneficial
A basic working knowledge of methods and best practice in IT compliance, risk management and IT Security.
Understanding of industry IT security standards and frameworks such as ISO, ITIL, COBIT, SOx and PCI.
Experience with reporting tools (advanced Excel), with strong attention to detail.
Experience of working in a complex geographical / functional matrix organization
Skills in relationship management and influencing at all levels of the organization
Knowledge of industry security, risk management and assessment methodologies and standards and applying them in a large enterprise environment, e.g. ISO 27000 series, NIST, OWASP, PCI DSS
Good understanding of current and emerging IT and security technologies, security standards, threats and trends
Exposure and demonstrable experience in at least one discipline, e.g. Microsoft, Oracle, Cisco, SAP
Excellent written and communication skills including experience with non-technical audiences
Experience in international corporations preferred, ideally in above-market roles
Conciseness / clarity in answers
Genuine interest in GRC area
Interactive, engaging in discussion
Interested in / open to a development environment
Curious / interesting profile (hobbies, achievements etc.)
British American Tobacco (BAT) is one of the World’s leading consumer goods companies, with brands sold around the globe.
Our vision is to Transform Tobacco and our industry, so - during 2019 - we are setting up a new Tech Hub in Poland to support and drive our digital transformation.
This is the start of the journey and we are looking for a team player who is passionate about change and ready to support us in making digital part of our DNA.
Job Segment : Assistant Manager, Compliance, Law, Database, ERP, Management, Legal, Technology