INFORMATION SECURITY PROFESSIONAL

Job description:

  • Stays constantly informed on the local current regulatory requirements concerning information security (IT security, BCM, physical security) and passes this knowledge as required to Group Security and the local IT security manager
  • Ensures the implementation of the security relevant group directives and the local security requirements, together with the local management and the local specialized units (building, IT, etc.)
  • Acts as contact point for the local employees for concerns around information security
  • Fosters the security awareness on a local level
  • Stipulates local directives if necessary
  • Checks security relevant requests (e.g. mobile devices, port usage permission, logical access rights etc.) and submits them to the local executive board for approval (if necessary)
  • Review and assess change requests involving IT / information security
  • Controls the local implementation of security measures and requirements, assesses local deficiencies and directs their remediation
  • Review the security guidelines coming from headquarter and check them upon applicability in the local context
  • Analyze and report security incidents either detected by the central monitoring system or by the local security officer himself
  • Check regularly if the physical security is in place (doors closed, access logs, CCTV recordings, access rights, emergency exits accessible, etc.)
  • Write and present a security report to the management
  • Represent Bank in local financial industry security panels for information exchange

 

Qualifications and Experience:

  • Degree in Computer Science or related field
  • Preferred professional security certification(s) – CISSP, CISM, etc.
  • Minimal 5-8 years’ experience preferably last 3 years in Financial industry

Competencies:

  • Excellent understanding of information risk and mitigating measures
  • Good knowledge of bank ICT
  • Know-how in applying security standards (best: ISO/IEC 27002, possible: COBIT or NIST)
  • Knowledge about MAS regulatory requirements regarding information security (outsourcing, TRM, BCM, etc.)
  • Certification like CISSP, CISM, CISA or equivalent
  • Good local security network especially with other FIs would be advantages

Salary: $7,000 Per Month