Beschreibung

In this role, you will shape the Group's global information security strategy while ensuring compliance and operational resilience. Your day-to-day responsibilities will include advising leadership on cyber risks, overseeing security frameworks, and fostering a culture of security awareness across the organization.

Anforderungen

• •Minimum 8 years of experience in Information Security
• •Strong expertise in cybersecurity governance, risk management, and compliance frameworks
• •Proven track record in developing and managing complex security programs
• •Solid technical understanding of cloud security, SIEM/EDR platforms, and secure infrastructure architecture
• •Excellent leadership and communication skills
• •Fluent command of English, both written and verbal
• •Strong people management capabilities
• •Good understanding of the regulatory environment and Group governance principles
• •Awareness of the digital banking ecosystem and its risk characteristics
• •Sound understanding of enterprise risk management frameworks
• •Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field
• •Professional certifications such as CISSP, CISM, CISA, GIAC, or ISO 27001 Lead Implementer/Auditor
• •Experience with DevSecOps, cloud-native environments, and regulatory engagement

Aufgaben

• •Lead the design and implementation of the global information security strategy
• •Define and maintain the information security vision and roadmap
• •Advise senior management and the Board on cyber risks and investment priorities
• •Develop a global security framework aligned with ISO 27001 and NIST standards
• •Promote security-by-design and privacy-by-design in all technology initiatives
• •Oversee the Information Security Management System (ISMS) for compliance
• •Conduct risk assessments and develop risk treatment plans
• •Manage security policies and procedures across all jurisdictions
• •Coordinate with Compliance, Risk, and Data Protection Officers
• •Oversee third-party and cloud security assessments
• •Supervise SOC operations for threat detection and incident response
• •Act as the escalation point during major cyber incidents
• •Maintain and test Business Continuity Plans and Disaster Recovery Plans
• •Drive improvements in threat intelligence and digital forensics
• •Lead and develop the GRC, SOC, and Task Force teams
• •Attract and retain top talent with clear performance goals
• •Promote security awareness and training organization-wide
• •Represent the Group in front of regulators and auditors
• •Collaborate with IT and other teams to integrate security into business initiatives
• •Maintain relationships with external partners and industry peers

Tools & Technologien