Information Security Officer Euro Hub 100% (m,f,d)

At Julius Baer, we celebrate and value the individual qualities you bring, enabling you to be impactful, to be entrepreneurial, to be empowered, and to create value beyond wealth. Let’s shape the future of wealth management together.

The incumbent is responsible for ICT and Security Risk Control activities as part of the 2nd Line of Defence function, including local responsibility for all Information Security related activities in this remit.
The incumbent will work closely with global counterparts in Switzerland to support the rollout of global initiatives in Luxembourg and ensuring that local requirements are incorporated into global policies, framework and/or standards. As part of the Risk Management function in the Bank, the incumbent will need to work closely with the IT, IT Risk Management, or other relevant functions to ensure that ICT and Security Risks are highlighted, mitigated, and remediated appropriately.
The ICT and Security Risk Control Manager is supporting / contributing to implement and maintain the IT risk management strategy (e.g. security roadmap, control plans, policy). As an independent 2nd Line of Defence control function, the ICT and Security Risk Control Manager is directly accountable to the management body and is responsible for monitoring and controlling adherence to the ICT and Security Risk governance framework.
The incumbent is also named towards the regulator as responsible for managing and overseeing ICT and security risks.

YOUR CHALLENGE

• Local contact to advice initiatives and projects from an ICT and Security Risk point of view
• Responsible to define requirements and support the implementation of ICT and Security Risk related initiatives
• Responsible to investigate information security related incidents and follow up with management and required parties
• Define, implement and maintain the ICT and Security Risk governance framework
• Oversight IT Risk Activities
• Control the IT Risk Register
• Provide Risk Transparency
  • Provide Risk Reporting to Risk Management Forums, Committees and Boards
  • Conduct quarterly IT Risk Committee meetings
  • Develop, maintain and report KPIs and KRIs for ICT and Security Risk

• Manage Regulatory Requirements
  • Maintain a regulatory monitoring radar
  • Perform gap analyses on new regulatory requirements
  • Supervise regulatory assessments
• Ensure a management and oversight of the IT control plan
• Responsible for 2nd LoD ICT and Security Risk related controls and ensures its execution
• Act as the local SME regarding Data Leakage Prevention controls
• Keep abreast of new or changing regulatory requirements and technology advances

YOUR PROFILE

• Strong inter-personal and communication skills
• A hands-on individual who can work independently to drive initiatives and tasks
• At least a Bachelor’s degree in Information Security, Computer Science, or Computer Engineering and proven working experience in IT Risk Management and Control, IT and the financial sector
• Solid organizational skills including attention to detail
• Strong working knowledge of Microsoft Office, SharePoint and JIRA
• Excellent analytical and critical mindset
• Excellent English language skills, German/French language skills would be an advantage
• Strong knowledge of IT regulatory standards of Luxembourg and the EU
• Professional certifications in Information Security (e.g. CISSP, CISM and CISA) or Risk Management (e.g. CRISC) is an asset.

We are looking forward to receiving your full job application through our online application tool. Further interesting job opportunities can be found on our Career site.

Is this not quite what you are looking for? Set up a job alert by creating a candidate account here.