ICT Control Specialist / Senior ICT Control Specialist

XTB is a global company from the financial industry, focusing on online trading of financial instruments. It is the largest FinTech in Poland and a leader in Central and Eastern Europe, with operations in several countries including Asia and South America. XTB offers training and development programs and is a certified Great Place to Work company.

• Experience in IT audit, information security, or cybersecurity
• Practical knowledge of the DORA Regulation and readiness to apply it in day-to-day work
• Experience in ICT compliance
• Understanding of information security principles, including knowledge of ISO/IEC 27001 and ISO/IEC 27002
• Knowledge of regulatory and supervisory requirements and standards related to risk management, including ISO 31000
• Ability to analyse complex issues and formulate clear, precise conclusions and recommendations

• Monitoring compliance with the DORA Regulation (Digital Operational Resilience Act)
• Conducting independent ICT assessments and controls within the Second Line of Defence (2LoD), focusing on information security, cybersecurity, and IT infrastructure/systems management
• Preparing post-audit reports
• Identifying ICT risks and assessing their criticality from the perspective of operational resilience and regulatory requirements
• Developing recommendations and action points to reduce technological and process risks and support compliance with internal policies and external regulations/supervisory guidelines
• Monitoring the implementation of recommendations and remediation actions