Senior IT & Security Risk Officer

 

 

 

SIX drives the transformation of financial markets.

 

What sets us apart drives us ahead: between local roots and global relevance, we are a unique blend of tradition and future, of foundation and growth. We value bright minds and inspire them to grow with their ideas. Come and shape the future of finance with us.

 

 

 Senior IT & Security Risk Officer

Madrid | Working from home up to 40% | Reference 7051

 

 

Do you want to work in a highly dynamic environment? Are you passionate about IT Risk Management and IT Control Monitoring and Assessment? Then our IT & Security Risk and Governance Team wants to hear from you! We are an international team, working in Spain and Switzerland. To fulfill our duties, we are seeking a highly skilled and experienced Senior IT & Security Risk Officer to join our team in Madrid. As the 2nd Line of Defense within SIX, Corporate Security is responsible company-wide for the design, maintenance and control of all Integral Security Risk guidelines and requirements (including Business Continuity Management, Physical Security as well as IT & Security risks for third parties). Additionally, we are responsible for the monitoring and independent assessment of IT and security specific key controls. We also support the implementation of various contractual, regulatory and legal security requirements (e.g. SWIFT, Internal Control System (ICS), PCI-DSS). 

 

What You Will Do 

• Act as the CRO contact for Integral Security-related risks, ensuring comprehensive risk management practices and collaborate with various stakeholders to identify, assess, and mitigate Integral Security risks 
• Oversee the implementation of Integral Security risk measures and regular reporting to senior management 
• Conduct regular assessments and spot checks to ensure the effectiveness of IT controls 
• Conduct Independent Project Risk Assessments by evaluating project dimensions such as Scope, Time, Cost, Benefit realization, Resources, Risk, and Organization to ensure project objectives are met 
• Evaluate and challenge identified project risks, assess the effectiveness of defined mitigation measures, and suggest additional measures as necessary to ensure project success

What You Bring

• Bachelor’s degree in Information Technology, Computer Science, or a related field 
• Several years of experience in IT risk management, ICS / IT controls and audit or compliance within the financial services industry 
• Excellent organizational and coordination skills, ability to identify and solve problems systematically and deliver sustainable results 
• Relevant certifications such as CRISC, CISM, CISSP, or CISA are highly desirable. Knowledge of COBIT, PCI-DSS, ISO/IEC 2700x, ISAE3402, ISF Standard of Good Practice is an advantage  
• Strong communication skills, both written and verbal, in English; Spanish or German is a plus

If you have any questions, check out our FAQ page or call Yuliya Stoyko at +34 917095993.

 

For this vacancy we only accept direct applications.

 

Diversity is important to us. Therefore, we are looking to receiving applications regardless of any personal background.