Beschreibung
For a global bank based here in Zurich we are looking a Security Risk Manager for a long term contract.
The department protects information from inappropriate access, use, disclosure, disruption, modification, loss or destruction which would negatively impact the bank's legal, regulatory or financial standing.
The Information Security Risk Manager role will report to, and support the initiatives of, the department with direct responsibility for delivering the strategy globally, supporting the Investment Bank in all matters related to information security ensuring effective risk management across the organisation establishing the security baseline, managing compliance with this baseline and liaising with other business and IT functions, such as Legal & Compliance.
Activities in this role include the following:
- Assess and respond to Operational Risks and external threats
- Assess and develop responses to Audit issues.
- Attend Operating Committee and Forums to present IS posture
- Manage, and report on, security-related incidents and events
- Support Group initiatives ensuring IB requirements/investments are represented
- Determine regional security operations requirements across people, process and technology
- Conduct risk assessments, report outcome and support mitigation activities and projects
- Develop response recommendations (accept/mitigate)
- Engage Legal & Compliance to maintain view of IS requirements
Regional view:
- Support COO's and business activities as SME for security risk and compliance
- Develop region-specific standards to support IS policy framework and syndicate
- Provide approvals for change,
- Drive security culture/awareness Support regulatory engagements
- Drive compliance with group policies standards, and local regulatory requirements
- Support periodic internal controls assessment processes
Required skills include the following:
- Broad knowledge of information security
- Strong verbal and written communication & interpersonal skills in order to act as a contact and explain the solutions to users with different levels of knowledge.
- Strong analysis skills to enable analysis of alert and requests from business point of view.
- Analytical and problem solving skills with attention to detail.
- Understanding of access control, data protection leakage and approvals workflow.
- Understanding of information security principles and how these should be applied.
- Understanding of IT activities such as software development, production support, deployment and release processes, testing, and how they are managed in a large organisation.
- Advanced Excel, PowerPoint & Access skills.
We look forward to receiving your CV.