We are looking for someone to contribute to define the strategy and support the implementation of one of the Security projects aiming at reducing third parties (providers, business partners, clients) security risks.
To face the ever evolving threats we are evolving and expanding the Group Security & Business Resilience Division.
As a global critical financial infrastructure, the protection of information and assets is fundamental to the company’s business. Security is at the core of our services, firmly embedded in the management systems and processes of the company. You will be joining our Group Security & Business Resilience (GSBR) in charge of putting in place the required controls to adequately and effectively protect our information assets.
The recent spate of cyber-attacks on some of the world’s largest organisations has highlighted the requirement for a strong information and security function. Security threats are a Board-level agenda item as they have the capacity to disrupt the entire European post-trade process.
Within the Group Business Continuity team & Crisis Management team, you will:
- Contribute to define the strategy and support the implementation of one of the Security projects aiming at reducing third parties (providers, business partners, clients) security risks across the group. This project covers the end-to-end third party’s security risk management process and will be progressed in close collaboration with Supply Chain and other teams.
This process will be based on the following key elements:
- A risk profiling of suppliers / third parties (new and existing);
- A security risk assessment tailored to the risk profile
- Management of the “residual” risks in line with the risk management framework
- Contractual requirements and termination
Alongside to this project you will be an information security advisor to the business on different topics, including current vendor’s assessments.
You'll join a small team of security analysts who already started the project a few months ago using Agile way of working.
What are we looking for?
- Degree in IT or Business
- Strong experience of Information Security (including certifications) and of third parties security management
- Languages: English
- You are able to set the direction of a project and like working with different people and have strong oral and written communication skills.
- You are accurate, timely and able to organize yourself independently. You have strong attention to details.
- You like to work in team, to coordinate and you can adapt your approach depending on your counterpart