Information Security Risk and Control Manager, Nordea Asset Management, Luxembourg
Nordea Bank
Luxembourg
il y a 1 mois

We arelooking for an InformationSecurity Risk and Control Manager tosupport the identification and mitigation of IT and cyber security risk and tomaintain compliance with requirements and standards.

This is an opportunity foryou to join a newly established experienced team within a dynamic andinternational organisation.

In today’s world, change is the one thing you can count on. But whatever the future brings, our customers remain at the heart of everything we do.

That’s where you come in. Working with dedicated colleagues in an exciting, fast-paced environment, you’ll help meet our customers’ changing needs.

We aim to be courageous and explorative in our approach to innovating better ways of delivering banking services anytime, anywhere.

This means you’ll have many opportunities to learn and grow as you build your career with us. Will you help us lead the way in creating great customer experiences?

Your future responsibilities

You’ll join Business Information SecurityOffice within Nordea Asset Management, where we are supporting our business in understanding IT and informationsecurity risks and in maintaining compliance.

We implement informationsecurity measures while enabling business agility. Our aim is to deliver valuethrough identification of threats, assessment of risk, expert consulting,instigating and monitoring controls as well as providing foundational securityservices to prevent, detect, and respond to disruptions.

What you’ll be doing : Assessment and Assurance

  • Perform security (risk and control) assessments and recommend security solutions to assist with improvement of security controls and practices
  • Work with business units and technologists to identify (Information security, Cyber and control) risks and implement security controls to mitigate them
  • Implement a framework to determine exposure to information / cyber security risk as well as to evaluate readiness to mitigate these risks
  • Facilitate activities related to disaster recovery and business continuity management including BIA
  • Facilitate activities related to data classification and privacy assessments
  • Manage and follow up on risk acceptances / exceptions
  • Help articulate risk appetite concerning information / cyber security risk
  • Advisory and Communication

  • Guide managers and technologist on information security controls and control design, proactively addressing the needs of the stakeholders in order to consistently meet or exceed defined levels of security. (awareness)
  • Support remediation activities to ensure that internal audit, legal and regulatory requirements are met.
  • Ensure that an adequate (as well as business friendly) assurance and reporting framework including evidence, KPIs and KRIs are in place
  • Coordination
  • Coordinate information security assessments and mitigating measures with relevant stakeholders IT, Legal, Operations and Privacy stakeholders
  • Act as the liaison between BISO function and risk functions
  • The role is reporting to the BISO / CISO functionwithin Asset Management in Copenhagen and based in Luxemburg. Welcome to a newly established, dynamic teamwhich will be a major contributor to the development of Asset Management in theinternational arena.

    Who you are

    Collaboration. Ownership. Passion. Courage. These are the four key values that guide us in being at our best. We imagine that you enjoy learning and are excited about bringing your ideas to the table.

    You’re dependable, willing to speak up even when it’s difficult and committed to empowering others. Your profile and background :

  • Bachelor’s degree in a related field. Master’s degree a plus.
  • 6+ years of relevant experience required, with proven knowledge of security controls, management of IT risks and IT audit
  • Deep knowledge of security policies, regulations, and compliance issues.
  • Strong ability to translate complex IT and security challenges and issues into business risks.
  • Willingness to travel (limited travel involved).
  • Relevant Security certifications ( CISM, CISA, CRISC, etc.) .
  • Expert knowledge of common information security management frameworks, such as ISO 27001, COBIT, NIST or SWIFT requirements.
  • If this sounds like you, get in touch!

    Postuler
    Ajouter aux favoris
    Retirer des favoris
    Postuler
    Mon email
    En cliquant sur « Continuer », je consens au traitement de mes données et à recevoir des alertes email, tel que détaillé dans la Politique de confidentialité de neuvoo. Je peux retirer mon consentement ou me désinscrire à tout moment.
    Continuer
    Formulaire de candidature