Iso (Part-time Position / 20h)

RiverBank’s mission is to be the digital bank that makes financing to SMEs and Real Estate professionals easy.

From our offices in Amsterdam, Frankfurt, Paris and head-office in Luxemburg we act as a niche lending specialist. Our core focus is to grant loans to Small and Medium Enterprises and Real Estate Investors in Europe using a fast, flexible and reliable IT platform.

RiverBank operates under a full and universal European Banking Licence delivering a one-stop shop approach in the entire EU.

As a young company, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team work. RiverBank will offer an entrepreneurial environment within the regulatory banking framework - a place for people to learn, to achieve and grow. Our culture will promote diversity and individual perspectives in an international environment, represented by more than 15 nationalities.

At RiverBank, we cherish our employees and foster a culture of learning and improvement. From your first day - where you will join a dedicated program to ensure your integration is successful - until many years later, you will be given the required resources to develop personally so that your career at RiverBank gives you a meaningful and lifelong learning experience.

**_RiverBank is recruiting an ambitious Information Security Officer for its Luxembourg office._**

The role is to implement and maintain information security policies, standards, tools and controls to protect data and information for RiverBank. This position as part of the ISO team will ensure that the RiverBank stays compliant with best practices security guidelines and directives. The ISO team is responsible to identify, report, and act upon information security risks, direct the incident response process and coordinating with other groups to mitigate any security threats.

**_Core Responsibilities: _**
- Review, maintain and update information security policies and procedures and ensure alignment with best practices security guidelines and directives (e.g. documentation framework aligned with ISO 2700X)
- Application review and security assessment and support solutions to mitigate any gaps
- Support cloud based projects by planning and conducting cybersecurity risk assessments
- Manage the response to and resolution of information security incidents
- Regularly review user roles/permissions with business owners to ensure requirements are fully met
- Contribute to the development and implementation of security controls, relevant alerts and metrics
- Stay current with all published security vulnerabilities and escalate any action required to relevant stakeholders
- Support the business continuity and disaster recovery planning
- Champion good security practice, awareness and training throughout the organization
- **Skills and Competencies**:_
- At least 6 years in Information Security role, ideally in a regulated banking environment
- In-depth knowledge and understanding of infrastructure security (system and network administration, production) and IT processes
- Good working knowledge of security frameworks and security controls e.g. PCI DSS, ISO 27001, Swift CSP
- Solid experience developing, writing, implementing, auditing and improving information security policies and procedures aligned to relevant industry standards to ensure that security and compliance accreditations are achieved and maintained
- Perform periodic internal audits, reviews and contribute to the continuous improvement of IT security standards, processes and procedures
- Ability to perform Business Impact Analysis, risk assessment and treatment
- Experience operating, maintaining, auditing and improving Vulnerability Management, SIEM and Threat Intelligence systems
- Relevant certifications (CISSP, CISM, ISO 27001 Implementer, etc.)

**Job Types**: Part-time, Permanent
Part-time hours: 20 per week