Information Security Specialist

This role will work on Information Security governance, risk and control domains, with a focus on controls, frameworks, and processes to mitigate risks and handle threats. A big portion of the work involves stakeholder engagement wrt design and improvement of control landscape including control objectives and control processes. This role will be responsible for ensuring the right control landscape that are required for protecting the Bank’s information and assessment of the residual risk.

Responsibilities:

· Conduct / participate assessments of information security controls, frameworks and control processes considering industry best practices, standards and regulations

· Take part in control / framework design, development and implementation

· Conduct / participate in Information Security Management System implementation internal assessment

· Work with representatives of governance and control stakeholders to ensure controls are fit-for-purpose, agreed upon and ratified.

· Act as an advisor to stakeholders on execution of control lifecycles, and contribute to their continuous improvement

· Participate in evaluation and/or authoring of information security policies and procedures

· Assist in risk and control assessments to identify the design and operating effectiveness of controls and frameworks

Competencies

· Good analytical skills and ability to work on both conceptual and practical complex tasks

· Very good communication skills, both written and verbal

· Self-motivated and flexibility to work autonomously in virtual teams.

· Ability to build up knowledge related to new technology / process / solutions in an effective and timely manner

Skills:

· Team management skills and experience desirable

· Knowledge about management of information security risks

· Experience of conducting risk assessments, gap analysis on control coverage and/or implementation for identifying and rating residual risks and reporting on it.

· Advanced knowledge of MS Office products.

· Familiarity or willingness to work with industry best practices and frameworks like ISO27001, NIST, CSA CCM, CRI Profile

· Preferred certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), Certified in Governance of Enterprise IT (CGEIT), ITIL, COBIT, Certified in Risk and Information Systems Control (CRISC))

Well-being & Benefits:   

·        A rewarding work: we offer a purpose, a competitive income and promotions based on performance  

·        Managers that empower your ideas and your decision-making abilities. You’re encouraged to show your good vibe, determination, and open mindedness  

·        A professional, passionate, driven, but at the same time fun workplace. It is also flexible, including Work from Home opportunities  

·        Medical insurance with premium benefits for you and discounted for your loved ones   

·        The better you feel, the better you work. We nurture you with highly modern office that includes plenty of fun and relaxing areas to boost your creativity. We also facilitate copiously retailer discounts, cultural and CSR activities, employee sport clubs, workshops & more. 

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.