Information Security Officer

Reference:

VAC-769

Sector:

Fin-Tech

Salary:

Competitive

Town/City:

Luxembourg

Contract Type:

Full Time

Talk to us

Keir Lyon Fraser, Headhunter | Cyber Security
+31 203 030 257
(0830 - 1830)

About the Company:

Our client, an exciting and rapidly growing Fintech, is seeking an experienced Information Security professional to assist their international expansion. The ideal candidate should have a strong background in Information Security standards and an interest in working in the Fintech industry.

 

Responsibilities:

  • Ensure that our security and compliance accreditations (GDPR, PCI DSS, ISO 9001, ISO 27001 and ISAE 3402) are achieved and maintained.
  • Identify the associated compliance control gaps and oversee the documentation, implementation and testing of the entire compliance control portfolio
  • Develop and implement compliance control monitoring programs to ensure compliance-related risks are managed to the appropriate level of acceptable residual risk.
  • Implement and maintain a compliance issue management tracking and resolution process that will address known issues, according to severity and potential impact to the organisation.
  • Collaborate and closely work together with key internal departmental stakeholders such as Product, Engineering, IT Infrastructure and Finance to achieve and maintain our security and compliance accreditation.
  • Report the levels of compliance risk and control effectiveness to key stakeholders such as the Board, Suppliers, Legal management, Regulators, Internal/External auditors, etc.
  • Coordinate audit-related tasks such as ensuring the readiness of managers and their organisations for audit testing and facilitating the timely resolution of any audit findings.
  • Provide technological advice and insight on compliance requirements to non-IT leaders
  • Assist business and IT managers with the acquisition of tools and expertise to assist with compliance-related projects and initiatives.
  • Execute a compliance training and awareness program that periodically educates the requisite end-user community on the relevant compliance requirements, and certifies their adherence to the relevant compliance controls.
  • Assist in Business continuity planning and review
  • Execute security awareness training for all employees and secure coding training for all developers

 

You have:

  • Excellent understanding of information security concepts, protocols, industry best practices and strategies.
  • Experienced in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
  • Strong analytical skills to analyse security requirements and relate them to appropriate security controls.
  • Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
  • A strong understanding of the business impact of security tools, technologies and policies.
  • (In-depth) knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls;
  • Hands-on, able to see the holistic picture as well as dive into the details and vice versa.
  • Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with all layers of the organisation;
  • Project management skills and Risk assessment.
  • The ability to work effectively together with internal key stakeholders.
  • Pro-active self-starter, capable of working with minimal supervision.
  • Experience and/or a strong understanding of GDPR
  • Experience and/or an understanding of operating system internals and network protocols.
  • Experience and/or an understanding of application technology security testing.
  • Experience and/or an understanding of system technology security testing (vulnerability scanning and penetration testing).

 

Required Experience:

  • CISA, CISM and/or CISSP Certifications.
  • A minimum of five (5) years’ experience in an Information Security role.
  • A minimum of five (5) years of IT experience.
  • A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred.
  • Experienced with ISO 27001 and PCI-DSS.
