This role will involve:
• As a team member of the Risk & Security Desk, you will be responsible for the identification, measurement, assessment and reporting of information and information technology risk as part of the second level of defence (2LOD) to protect the company’s information technology (IT).
• You will be responsible for Digital Access Management (DAM) for all applications used by the bank (AVALOQ and others), which includes the request and validation procedure as well as digital access profile maintenance, to protect client and company data (INFO/DATA).
• You will provide incident response and support the IT teams during security incidents. You will investigate suspected security incidents, recommend and coordinate corrective actions including providing on-call services when needed.
• By assessing IT and INFO/DATA risks (Key Risk Indicators – KRI), you will identify, propose and implement appropriate mitigation actions in the sense of Internal Key Controls (IKC), which requires close cooperation with the Head IT (first level of defence – 1LOD). You will participate in the development, operation, and improvement of security technologies, related tools and processes.
• You will maintain the Information Risk Framework (which includes security charters, policies, procedures and security principles) in close collaboration and interaction with the CISO of the Group as well as with cross-functional teams within the bank.
• You will support your Head Risk & Security by preparing and presenting Risk & Security Assessments.
• You will be a member of the bank’s Security Committee and will have a direct reporting line to the Head Risk & Security of the bank (within the CRO Desk) as well as an indirect reporting line to the CISO of the Group.
The successful candidate will have:
• At least 5 years of experience in a similar position in the Financial Sector
• A degree in information and information technology security (CISSP / CRISC / CISM / CCISO / CGEIT / CAS in Information & Cyber Security) or relevant experience
• Very good knowledge of banking sector activities and functions to perform application profiles
• Excellent knowledge & experience and solution-oriented working methods in challenging areas such as outsourced applications, cloud, cyber risk (from risk assessment with defined risk appetite to risk measurement techniques / risk awareness trainings), business continuity management (BCM), data leakage prevention (DLP), Information Security Frameworks (NIST) and vulnerability & penetration tests.
• Excellent knowledge & experience of securing information technology / infrastructure with respect to information / data security concerns (external as well as internal threat management), and enthusiasm for protecting the confidentiality, integrity and availability of client data, intellectual property, and IT assets.
• Ability to ensure ongoing compliance with internal regulation as well as with external regulatory requirements (FINMA for CH and EBA for EU and/or any local regulation abroad)
• Strong interpersonal skills
• Solid problem solving and analytical capabilities
• Strong ability to prioritize multiple tasks and requests simultaneously
• Excellent verbal and written communication skills
• Growth mindset and team spirit
• Service and Client-oriented
• A self-starter, quick learner, results and quality oriented
• Capable of working under pressure
• Structured and organized
• Proactive and autonomous
• Able to work in a multi-cultural environment
• Fluent in English – German would be highly beneficial
If you are an IT Security Officer and are looking for your next role, please apply below! We look forward to receiving your application!