This function is responsible for development and maintenance of the group wide strategic Information & Cyber Security risk management and governance program
This function transforms the strategic requirements into processes on group level as well as develops metrics for ongoing performance measurement and reporting
The Information Security Governance and Risk Manager leads and participates in the conceptual design and the management of Information & Cyber Security processes and tasks including the definition, maintenance and tracking of security regulations, risk management, definition of mitigating measures, awareness, etc. within RBI Group
- Develop and maintain group security regulations (policies and standards) according to established security standards (e.g. ISO 2700x, COBIT, etc.)
- Collaborate in defining methodologies for risk identification, evaluation and treatment
- Conduct security risk assessments and compliance checks to identify the effectiveness of controls and the derived risk status within RBI Group
- Participate in security projects (as business representative for Information & Cyber Security management)
- Consult business and IT functions in non-security projects regarding information & cyber security risks and the definition of adequate measures.
- Advice local Information & Cyber Security managers of RBI network units on the implementation of group security policies/standards/guidelines and the effectiveness of security measures
- Maintain relationships with key partners within the business units as well as in the Second Line of Defense units
- Foster a culture that promotes Information & Cyber Security within RBI Group and act as a bridge builder in areas of conflicts
- Knowledge and experience in Information & Cyber Security Management with regards to processes, concepts, methodologies, technologies and products
- Have a master degree in security/engineering, computer science or business information systems or adequate practical experience
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g. application of defense-in-depth)
- Strong coordination and excellent communication and presentation skills within an international environment
- Strong team orientation
- Excellent command of written and spoken English, German is an asset
- Vendor independent security certifications (e.g. CISA, CRISC, CISSP...) are an asset
- Join our dynamic and motivated team in one of the leading banking groups in Austria and Central and Eastern Europe
- EUR 60.000,- annual gross salary incl. overtime – additional payment according to skills and experience
- Work-Life balance due to variable working hours
- State of the art learning and development opportunities
We are looking forward to receiving your online application!
- Führerschein erforderlich?
- Auto erforderlich?