Cybersecurity Controls Design & Oversight Analyst

Antal is a leading recruitment and HR advisory company, present in Poland since 1996 and later expanded to the Czech Republic and Hungary. Across the CEE region, we employ around 150 professionals who deliver a full range of services – from specialist and executive recruitment, employee outsourcing and HR consulting, to employer branding and market research.

Our division-based structure combines deep industry expertise with functional specialisation, enabling us to provide tailored solutions for companies in every sector. We act as a trusted partner for both employers and candidates, sharing our knowledge and guiding them through every stage of the talent journey. We connect exceptional people with the right opportunities and help organisations build successful teams.

Essential experience:

• Strong background in Risk and Control Management, including control design, implementation, and assessment
• Knowledge of cybersecurity principles and technologies (generalist knowledge with specialist expertise welcome)
• Understanding of cybersecurity frameworks and standards such as NIST, CIS, or similar
• Familiarity with risk metrics and control measurements (KCIs, KRIs, KPIs)
• Ability to translate technical cybersecurity concepts into business-friendly language
• Experience writing technical documentation, policies, standards, and procedures
• Strong stakeholder management and communication skills in international environments
• Ability to work effectively both independently and within cross-functional teams

Nice to have:

• Knowledge of network security domains
• Relevant cybersecurity certifications
• Experience in large enterprise or regulated environments
• Familiarity with governance processes across multiple lines of defence (2LoD / 3LoD)

• Support the design, implementation, and maintenance of cybersecurity controls across technology and engineering functions
• Collaborate with Control Owners and governance teams to ensure controls align with internal requirements and industry standards (e.g., NIST 800-53)
• Define and maintain control measurements and indicators in line with risk and control frameworks (e.g., KCIs, KRIs, KPIs)
• Ensure cybersecurity controls comply with legal and regulatory requirements
• Contribute to the development and maintenance of cybersecurity policies, standards, and procedures
• Support reporting and analysis of cybersecurity control performance and effectiveness
• Work with cross-functional teams including engineering, security operations, and risk management
• Participate in governance processes to continuously improve the cybersecurity control framework