The Information Security Officer will work with business and technology teams and will engage with regulators, clients, and internal colleagues on all matter pertaining to information security and technology risk.
The main responsibilities will be :
Act as the focal point for all information security topics, requests and changes.
Review information security governance and controls across a wide array of technologies.
Report on the status of the information security programme to relevant boards.
Assist the IT department in the design of additional controls or change to current controls.
Conduct or supervise risk assessments of all major changes and other significant projects.
Providing guidance and train IT staff on the implementation of information security principles and requirements.
Assist the IT team on the deployment of new cyber security solutions and manage a small team.
Conduct investigations and report information security related incidents and ensure timely remediation of any risks / issues.
Respond to customer queries on information security.
Take care of end-user’s trainings in order to manage the IT Security awareness.
Master degree in Computer Science, Information Systems or a related field.
At least 5 to 10 years of experience in IT Risk Management and Information Security Risk.
Strong background on a wide array of core and security technologies such as Network, Firewalls, Identity Access Management tools and understanding of core IT technologies.
Experience of regulatory and legal environment as it relates to the financial services industry and the protection of client and company data would be beneficial.
Thorough knowledge of the ISO 27001 and ISO / IEC 22301 controls is a plus.
ISACA, CISSP certifications are highly welcome.
Strong communication, analytical and problem-solving skills.
Able to work in tandem with technical teams in order to deliver.
Fluent written and spoken English, good level French, German is a plus.