O pozici
The TISL for MA&D ensures technology and cybersecurity risks are identified, managed, and mitigated throughout the end-to-end integration of acquired companies into The Company’s technology environment. The role partners with IMO, Enterprise Risk, IT, Security, and business stakeholders to enable safe, efficient integrations aligned with Our policies and deal objectives.
Co budeš dělat
- Integration Risk Assessment: Perform IT and cybersecurity risk assessments at deal close and through each phase; map critical systems, data flows, identities, access models, and third-party dependencies to The Company’s integration blueprint; define risk acceptance criteria and tolerances.
- Continuous Monitoring: Establish milestone-based checkpoints (Day 1, TSA, cutovers, migrations, identity consolidation, decommissioning); track key risk indicators; maintain a live risk register per acquisition.
- Intelligence-Driven Evaluation: Apply The Company’s threat intelligence, vulnerability advisories, and sector developments to active integrations; quantify impact/likelihood; provide timely decision support.
- Mitigation Strategy: Recommend pragmatic, time-bound controls that reduce material risk without unnecessary tooling; prioritize lightweight measures (hardening, segmentation, access containment, monitoring); define interim and final control states.
- Governance & Alignment: Embed risk criteria in cutover plans, TSAs, and decommission schedules; drive risk-based go/no-go decisions; present clear risk narratives and document decisions.
- Third-Party & Data Risk: Assess inherited vendors and external integrations; advise on continuity/exit; ensure data classification, retention, residency, privacy, and regulatory compliance during migrations; coordinate logging and evidence for audit.
- Incident Preparedness & Response: Ensure coverage for acquired environments (roles, runbooks, escalation); lead/support triage and containment; capture lessons learned.
- Documentation & Reporting: Maintain standardized frameworks and templates; deliver concise dashboards/status reports; track control effectiveness and residual risk to integration completion.
- Continuous Improvement: Identify patterns across acquisitions; develop reusable controls and playbooks; refine M&A due diligence, TSA language, and integration.
Koho hledáme
- Bachelor’s degree in information technology, cybersecurity, computer science, or related field (or equivalent experience).
- Relevant security or risk certifications preferred (CISSP, CISM, CISA, CRISC, GSEC) but not required.
- Project management and data governance, data science or privacy credentials are beneficial.
- Experience in cybersecurity, IT risk management, IT compliance, IT audit, or related fields.
- Experience performing risk assessments and advising technical and business stakeholders on security controls and remediation.
- Practical experience with cloud, application, platform, software delivery, AI or data and analytics security.
- Experience with SDLC and agile/DevOps practices, integrating security controls into CI/CD pipelines.
- Experience in regulated industries is preferred but not mandatory.
- Technical depth in security controls, threats, vulnerabilities, and mitigation strategies across technology, platforms, AI and data.
- Strong business acumen with the ability to explain technical risk in business terms and produce clear, actionable recommendations.
- Proven problem-solving and analytical skills; able to prioritize based on risk and value.
- Strong stakeholder management and communication skills; able to influence without formal authority.
- Comfortable working independently and within cross-functional teams; adaptable in a fast-paced environment.
- High emotional intelligence and a collaborative mindset.
Benefity
- Exciting work in a great team, global projects, international environment.
- Opportunity to learn and grow professionally within the company globally.
- Hybrid working model, flexible role pattern (e.g., even 80% full-time is possible in justified cases).
- Pension and health insurance contributions.
- Internal reward system plus referral programme.
- 5 weeks annual leave, 5 sick days, 15 days of certified sick leave paid above statutory requirements annually, 40 paid hours annually for volunteering activities, 12 weeks of parental contribution.
- Cafeteria for tax free benefits
