Senior Information Security Officer

We are seeking an expert in Information Security, with a particular focus on products and new initiatives. The ideal candidate will possess significant experience in both IT and Information Security, demonstrating a comprehensive understanding of information technology systems and security protocols. Strong interpersonal and communication skills are essential, as the role requires openness to new ideas and a positive attitude toward continuous change within the organization. Additionally, a thorough understanding of the Bank’s operational processes and business continuity procedures is required to ensure alignment with organizational objectives and to effectively contribute to the security posture.  What is expected of you?   Foster Information & Cyber Security to be perceived as a key business enabler, guide transformation of security into an enabler of digital products and processes  Execute, implement and monitor security program based on Security Strategy to ensure that the security (confidentiality, integrity) of information assets is owned, controlled or processed.  Periodic oversight and monitoring to ensure confidentiality, integrity, availability, authenticity, and nonrepudiation of organizational information, networks, applications, and infrastructure. Contribute to the development of security solutions across the product life-cycle, including analysis & evaluation of security measures, conducting security assessment and recommendation at implementing new technologies, services and information system architecture, and participation in change management process related to security domain.  Evaluate technologies and products regarding security, including deep-dive assessments of external hardware, software, and cloud service vendors. Analyse and evaluate risks of security relevant changes in projects or operations. Monitor and track the implementation and effectiveness of defined security measures in projects and during day-to-day operations Support in developing and executing a comprehensive product security strategy that aligns with the company's goals and risk appetite Threat Modeling and Security Architecture: Work directly with technical and non-technical stakeholders on threat models and security architecture for features or products. Identify vulnerabilities and security risks and draw up proposals for improvements and/or initiate countermeasures Maintain a strong knowledge of current and emerging security threats, determining applicability and proactively implementing mitigations Support in handling information security incidents to protect corporate information assets (internal data, customer data, …) and reputation Provide and maintain security controls with standards and regulations like ISO27001, IRAP, PCIDSS, DORA, PSD2, SCA and NIST. Able to work across and communicate with multiple functions (technical and non-technical), building productive relationships with stakeholders to foster a culture of security awareness and responsibility.    What you need to have:  Proficiency in English is a must.  University Degree in Computer Sciences or related  At least 5 years of proven experience in Cyber Security (IT system) or/and IT and Development. Strong Understanding of Software Engineering and Coding best practices. Solid knowledge on principles of cyber security, ICT risks management, business continuity and agile methodology Strong knowledge of security frameworks and practices (OWASP, cloud security, microservices security). Expertise in securing CI/CD pipelines, tooling, and workflows. Extensive knowledge of cloud platforms, networking, authentication and authorization systems. Knowledge of current technological trends and developments in the area of information security  Legislation and regulations knowledge in the field of information security, data protection (GDPR), ICT risks and business continuity management  Security certification/accreditation (CISSP, GIAC, CISM, CISA, ISO27001) desirable