Reporting directly to the Head of Information Security, the Information Security Officer (ISO) will be part of a team in charge of information security, IT risk and IT governance.
The role:
Deal with the organisation's security framework policies, standards and security procedures.
Work with business and IT teams to develop information security requirements and concepts.
Perform IT risk analysis and propose risk mitigation measures.
Participate in development and implementation of the appropriate and effective controls to mitigate identified threats and risks (Second line of defence).
Manage the Vulnerability management process and follow-up.
Organise the Disaster Recovery Plan (DRP).
Manage security incidents, response planning and investigation in case of breaches.
Recommend security measures to address identified cyber threats.
Deal with internal and external audit regarding audit reports and findings.
Perform monitoring of third parties, managed services (SLA) and contractual information security requirements.
Key skills / Requirements:
University degree (master or diploma) in Information Security or Information Technology; IT affinity is recommended.
3 years' security-related work experience, preferably with an insurance institution.
Strong IT Risk experience and ability to perform IT risk assessments.
IT governance and compliance experience.
Experience in process orientation; knowledge of methods and procedures in the information security sector.
Strong technical IT background (a former engineer).
Knowledge of general legal and regulatory conditions and requirements in the insurance / financial industry, for example ISO 2700x, NIST.
Very good IT skills, competent handling of MS Office applications.
Excellent analytical skills and experience to understand, structure and prepare / explain complex topics.
Team orientation and strong communication skills.
Excellent communication and writing skills in French and English; German (nice to have).