Senior Cloud Security Controls Specialist – Risk and Compliance

The role is with a leading organization in the cybersecurity industry focused on empowering organizations to protect their cloud environments. The position is based in Kraków with a hybrid work model.

• 5+ years of experience in IT risk, controls, or cybersecurity, with a strong focus on cloud security.
• Expertise in Risk and Control Management, with the ability to communicate complex IT concepts effectively to diverse stakeholders.
• Generalist knowledge of Cybersecurity, including metrics such as KCIs, KRIs, and KPIs.
• Proven technical background with experience in managing technology risks and controls.
• Strong technical writing skills and proficiency in written English.
• Experience with Excel, PowerPoint, Word, Outlook, Jira, and Confluence.
• Ability to respond to ad-hoc tasks swiftly while maintaining high-quality outputs.
• Capable of managing conflicting priorities efficiently.

Nice to have:

• Experience with automation in report creation or data processing.
• Familiarity with GRC Tools and ServiceNow.
• Background in Business/Data analysis.
• Project/Programme Management experience.

• Collaborate with Control Owners, Security Architecture, 2LoD (Risk Management), and Chief Control Office to ensure alignment and facilitate projects within the Cloud Security Controls Team.
• Oversee governance of Cybersecurity controls on Cloud, ensuring their measurement aligns with HSBC’s frameworks and industry best practices.
• Coordinate multiple stakeholders to implement enhancements to Cybersecurity risks and technical controls in Cloud environments.
• Facilitate and administrate meetings, forums, and operate forums effectively.
• Maintain and update the Team’s Operating Model, procedures, and Confluence documentation.
• Manage Epics, Stories, and Tasks within JIRA to support team goals.
• Define business requirements and participate in User Acceptance Tests (UAT) for future developments.

Only candidates with an existing legal right to work in the European Union will be considered for this role.