Cybersecurity Control Oversight Manager

  • By Tatiana Kouhan
  • 25 August 2023

Whilst the job holder will be based in Krakow, Poland, this is a Global role covering Global Cybersecurity Controls applicable to all countries and legal entities.

The Cybersecurity Controls Oversight Manager will play a key role in monitoring and assessing the effectiveness of the Cybersecurity control environment. The role holder will also be tasked with defining and maintaining operational control instances and their measurements, as well as Policies, Procedures and Standards for Group Cybersecurity.

  • Representing Cybersecurity Controls in senior management forums; 
  • Working with the Control Owners and other stakeholders to ensure timely execution of self-assessments.
  • Collecting and maintaining accurate evidence and maturity scoring reviews for cybersecurity controls.
  • Working with CRCS teams to ensure that the defined controls are compliant with Legal/Regulatory Mandatory requirements and that measurements provide sufficient data for stakeholder reports;
  • Working with 2LoD, CCO Technology and Audit (internal and external) to ensure that the Cybersecurity owned controls are monitored, assessed and tested according to the Bank’s requirements, Risk Management Framework (RMF) and industry standards and best practices.
  • Managing escalation of issues through appropriate channels based on the results of the oversight process.
  • Strong Risk and Controls Background
    • Significant subject matter expertise in Control Monitoring and Assessment.
    • Ability to translate difficult IT concepts into business-friendly language;
    • Experience with Technology risks and controls. 
  • Technical background 
    • Knowledge of Cybersecurity – at least a generalist, with specialist area expertise welcome. A good understanding of the Identity and Access domain will be a plus.
    • Possession of recognized certificates will be an advantage;
    • Understanding of metrics and measures in managing risks and controls (KCIs, KRIs, KPIs) is a must; 
    • Technical writing skills and highly proficient use of written English are required to ensure quality output for Control, Policies, Procedure and Standards design and maintenance.
  • Strong stakeholder management and communications skills
    • Experience of working at an operational level in international environments which drive a true international perspective;
    • Managing stakeholders including the Group CISO, Cybersecurity Leadership and staff, Chief Controls Office and 2LoD Resilience Risk teams.
  • Team-oriented mentality combined with ability to complete tasks independently to a high quality standard
    • Experience within fast-moving, complex and demanding corporate environments where Cybersecurity controls issues have to be handled on a large scale and with a need to multi-task whilst dealing with ambiguity and change.
  • Interpersonal Skills
    • Influential, credible and persuasive, an active listener, embraces the company Values, shows good judgement and demonstrates a high level of communication skills in order to achieve effective stakeholder management.
  • Familiarity with the NIST 800-53 would be beneficial;
  • Knowledge of Centre for Internet Security (CIS) Measures and Metrics is a plus;
  • Experience with GRC Tools is a plus;
  • This role is within the 1st Line of Defense and will play a key role in monitoring and assessing a data-driven control environment that will provide Technology and the Business with a better understanding of their exposure to risk and of the effectiveness of protective measures deployed by the company Cybersecurity.
  • The role holder will provide technical expertise in monitoring and assessing the controls environment.

Note: Prepare your CV in English (PDF), fill in the form and apply! 🙂
Please include in your CV the following clause necessary for the recruitment process: 

I agree to the processing of personal data that I have made available voluntarily in the recruitment process by the Administrator of personal data, i.e. Dotcommunity Spółka z ograniczoną odpowiedzialnością [Ltd.] based in Cracow, 15 Żabiniec Street, 31-215 Cracow, registered in Poland, the Cracow’s District Court – Śródmieście, XI Commercial Division of the National Court Register under number 0000468484, VAT number: 9452174499, (“Dotcommunity”) in order to carry out the recruitment process for the Cybersecurity Control Oversight Manager position on the basis of Art.6 item 1a of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

Dotcommunity is registered in the Register of Employment Agencies (KRAZ) under number 9904.