IT Risk Analyst
Offer summary

(Summary generated by AI based on the full job description)

The project focuses on third-party cybersecurity risk management following NIST, ISO 27001, SOC 2 frameworks and regulations like DORA. Core responsibilities include risk assessment and due diligence of vendors, monitoring security posture, managing control gaps, and collaborating with internal departments. The role requires analyzing threats in information security, data privacy, and business continuity domains. Benefits include medical care, training, sports activities, and insurance.

newyou can start ASAP

IT Risk Analyst

Company: Mindbox Sp. z o.o.

from: 9 July 2026
to: 8 August 2026
11 400 - 13 400net (+ VAT)/ mth.B2B contract (full-time)
Offer parameters
level:mid • senior
working mode:hybrid
location:Warszawa, Masovian
Warszawa, Masovian

Requirements

Operating system

Windows

Our requirements

  • 3–5 years’ experience in risk management, cybersecurity risk, or IT risk
  • Expertise in conducting vendor cybersecurity assessments and due diligence reviews
  • Knowledge of frameworks: NIST, ISO 27001, SOC 2
  • Strong analytical and problem-solving skills
  • Ability to assess risk under uncertainty and propose actionable solutions
  • Excellent written and verbal communication skills

Optional

  • Experience in tech, financial services, or regulated environments
  • Familiarity with regulatory standards: DORA, GDPR, SOX

Your responsibilities

1. Risk Assessment & Due Diligence
  • Perform cybersecurity and risk assessments on third parties using standardized industry frameworks
  • Evaluate supplier security posture, controls, and compliance with Equinix standards
  • Analyze risk across multiple domains: information security, data privacy, and business continuity
  • Assign risk ratings and document findings according to TPRM standards
  • 2. Risk Identification & Issue Management
  • Detect control gaps and vulnerabilities; recommend remediation plans
  • Track and document remediation progress with vendors and internal teams
  • Escalate high-risk findings based on defined governance thresholds
  • 3. Ongoing Monitoring
  • Support continuous monitoring: threat intelligence reviews, security ratings, vendor performance updates
  • Track changes in risk posture and support periodic reassessments
  • 4. Stakeholder Engagement
  • Partner with Procurement, Security, Legal, and Business Units to enable risk-based decisions
  • Communicate risk findings effectively to technical and non-technical stakeholders
  • 5. Program Support & Documentation
  • Maintain accurate and auditable records of assessments and decisions
  • Ensure compliance with TPRM policies, industry standards, and regulations (e.g., DORA, NIST, ISO)
  • Support audits and regulatory reviews with necessary documentation
  • Note: Detailed project information will be shared during the recruitment process.

    About the project

    As a Third-Party Risk Analyst, you will play a critical part in protecting Equinix from third-party cybersecurity and operational risks. This role involves executing risk-based due diligence, monitoring supplier security posture, and supporting Equinix’s Third-Party Risk Management (TPRM) program in line with industry and regulatory standards.
    Sounds like your kind of challenge?

    This is how we organize our work

    This is how we work

    agilescrum

    This is how we work on a project

    • Continuous Deployment
    • Continuous Integration
    Joining this project you’ll become part of Mindbox – a tech-driven company where consulting, engineering, and talent meet to build meaningful digital solutions. We’ll back you up every step of the way, accelerate your development, and ensure your skills make a difference.
    Company

    What we offer

    • We are open to the employment form according to your preferences
    • Work with experienced and engaged team, willing to learn, share knowledge and open for growth and new ideas
    • Hybrid work setup – remote days available depending on the client’s arrangements - 2 days a week from the office in Warszawa
    • Mindbox is a dynamically growing IT company, but still not a large one – everybody can have a real impact on where we are going next
    • We invest in developing skills and abilities of our employees
    • We have attractive benefits and provide all the tools required for work f.e. computer
    • Interpolska Health Care, Multisport, Warta Insurance, training platform (Sages)

    Benefits

    • sharing the costs of sports activities
    • private medical care
    • sharing the costs of professional training & courses
    • life insurance

    Mindbox Sp. z o.o.

    At Mindbox, we connect top IT talents with technology projects for leading enterprises across Europe.
    Our focus is on matching your skills with work that matters – projects that use modern tech stacks, solve real business challenges, and give you space to grow. By joining us, you’ll deliver technology solutions for well-known brands, supported by the Mindbox team that values knowledge-sharing and continuous development. We make sure you have the tools, flexibility, and guidance to do your best work – and to keep moving forward in your career.
    IT Risk Analyst
    11.4k–13.4k zł / mth. (B2B)
    I apply to:
    Mindbox Sp. z o.o.
    Warszawa, Masovian
    Pracodawca zbiera zgłoszenia przez swój system.
    Przejdziesz na zewnętrzny formularz.

    By clicking "Aplikuj" you confirm that you've read and accepted our Terms and Conditions.


    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

    Need more information?

    • Make sure the body of the offer doesn’t already include what you’re looking for.
    • Ask a question if you need more information you’re interested in.
    • We’ll forward your question to the employer and aim to provide a response within 3 business days.

    Share this offer