Information Security Specialist - GRC/ITSM Focus (all humans)

Make a difference in the financial life of millions of people: At Erste Digital you are co-creating the digital future, in which better financial health is possible. #believeinyourself

We are part of Erste Group – the largest banking group in Central and Eastern Europe with more than 2,500 branches and over 45,000 employees. Our more than 2,000 IT experts and enthusiasts are the bank's Digital Muscle.

With “George”, a leading European banking platform, we are committed to pushing the boundaries of modern user-centric banking, driving product and technology innovation, and creating impactful financial products that shape the future.

We are seeking a highly skilled and motivated Information Security Specialist to support our IT Service Management team, providing expertise in the IT Governance, Risk, and Compliance (GRC) and security-related activities in that area. In addition to the ITSM stakeholders, you will also collaborate with software development and infrastructure teams throughout the software development lifecycle to provide the expected ITSM/GRC contributions.

What to do:

• IT Service Management (ITSM) Support: Act as a point of contact for security activities and stakeholders around ITSM within the George ecosystem

• IT GRC Reporting: Prepare and present regular reports on IT GRC activities and security metrics to senior management

• Risk Management: Identify, assess, and manage IT risks, developing strategies to mitigate potential threats

• Policy Development: Assist in the development and implementation of IT security policies and procedures

• Continuous Improvement: Identify opportunities for continuous improvement in ITSM and security processes, recommending and implementing enhancements

• Penetration Testing Preparation: Assist in the preparation and execution of penetration tests to identify and mitigate security vulnerabilities

• Security Awareness Training: Conduct security awareness training sessions for engineers to promote a culture of security

Requirements

You check these boxes:

• Bachelor's degree in Computer Science, Information Technology, or a related field

• 5 years combined experience in IT service management, IT GRC, and security-related activities

• Knowledge of ITSM frameworks (e.g., ITIL) and security standards (e.g., ISO 27001, NIST)

• Strong analytical and problem-solving skills

• Strong communication and interpersonal skills

• Relevant certifications (e.g., CISSP, CISM, ITIL) are a plus

Why you will like us:

• Possibility to benefit and learn from our international, talented and passionate community at Erste

• Interest groups and clubs: Take part in discussions and get involved in projects. Numerous interest groups invite you to engage with a topic

• Health Care – Taking care of your health is important. That’s why we contribute to your above standard medical examination and provide a helpline in case of hard lifetime situations. You also receive a salary compensation during sick leave

• Work-Life-Balance – Sabbatical, paternity leave, contribution to marriage & childbirth, 4 days of extra holiday per year, contribution to the 3rd pillar and MultiSport card. This is how we promote a balance between work, leisure, and family

• Employee Referral Program – Become a talent scout for career opportunities in IT. We are rewarding every successful referral for Erste Digital

• A competitive and performance-related salary dependent on your professional and personal qualifications is granted - we are obliged by law to quote the minimum wage of EUR 2.800,- gross per month for this full time position. But this is just a formality, we are more than happy to discuss your actual expectations.

The way we are:

Erste Group considers the diversity of its employees as key to innovation and success. As employer we are proud to offer everyone equal chances, irrespective of age, skin colour, religious belief, gender, sexual orientation or origin.