Senior IT Risk Management Specialist
POL - Wroclaw
Smith+Nephew
Smith+Nephew is a global portfolio medical technology business. We design and make technology that takes the limits off living. Life Unlimited. At Smith+Nephew we design and manufacture technology that takes the limits off living.
The role is key to the evolution of the IT Risk Management program at Smith+Nephew (S+N). A holistic IT Risk Management Program requires the proactive pursuit of unknown IT Risk. This resource is required to lead this drive. This program is a critical component of a broader Cyber Security Maturity Program, with the backing of Senior Leadership.
The Senior IT Risk and Controls Specialist works in the Information Technology Group and reports to the IT Director of Governance Risk and Compliance (GRC).
The Risk Discovery Program identifies, analyses and treats risks related to the following:
- IT and Information Security functions and technologies e.g. Disaster Recovery, DDoS, Vulnerability Management
- IT Projects, new software, M&A
- IT Systems, Network Infrastructure, Security Infrastructure and Cloud Environments
- New threats relating to the Medical Device industry, regions of operation and IT technologies
What will you be doing?
- Designing and implementing a program of audits to identify, document, analyze and treat risks across the organization
- The Senior Specialist will be required to engage with Business, IT, IS and Project team members, at various levels in the organization, in the execution of assessments and deployment of controls.
- Conducting Risk Discovery Audits and recommending risk treatments
- Monitoring the treatment of risks identified in prior audits
- Monitoring research organizations, media and other sources for emerging threats or new information security regulations and law that might impact S+N
What you will need to be successful?
- The role requires a strong background in IT Audit, Information Security and Risk Management, evidenced by relevant Industry Certification.
- As such, a confident self-starter who can design and deliver the program without micromanagement would be best suited.
- Excellent communication and presentation skills will be essential (Must be fluent in English)
- One or more professional qualifications related to Information Security and Risk Management are required: CISA, CIA, CCSP, CRISC
- Prior experience in the healthcare industry, e.g. Medical Devices, Pharmaceuticals, will be an advantage
You. Unlimited.
We believe in creating the greatest good for society. Our strongest investments are in our people and the patients we serve.
Inclusion, Diversity and Equity: Committed to Welcoming, Celebrating and Thriving on Diversity. Learn more about our Employee Inclusion Groups on our website.
Your Future: annual bonus, life insurance, company stock saving plan
Work/Life Balance: paid volunteering hours, flexible approach
Your Wellbeing: private health care with dental care package, multisport card/my benefit platform
Flexibility: possibility of working in hybrid model
Training: Hands-On, Team-Customized, subsidies for language classes, certifications and postgraduate studies
Extra Perks: referral bonus, recognition program, mentoring program