IT Security Assistant Manager

As a Luxembourg-based bank since 1979, together with the global presence of Bank of China Group, Bank of China Luxembourg Branch has been successfully operating and continuously developing its business over the years. It contributes to the local and worldwide economic and social development. With more than 45 years of expertise and experience in the European markets, the bank extended its roots covering 15 institutions located in 13 European countries and becoming Bank of China Europe, since 2022.

Bank of China Europe adheres to the guidance of Bank of China group and continues to grow and expand its business coverage across the world, offering comprehensive business solutions to its clients worldwide with its globalized operations and diversified platforms.

Today, Bank of China Europe comprises an international workforce with a multicultural background of more than 30 different countries and regions with over 600 employees

As our operations continue to grow, we are currently looking for a talented and motivated professional to join our team as:

Position: IT Security Assistant Manager

Department: Information Technology Department

Contract Type: 1 Year Fixed term (Replacement for Maternity Leave)

Starting Date: 1st of March 2026

Job Purpose

As cyber security threats continue to evolve and regulatory requirements become increasingly complex, the IT Security function is strengthening its capabilities in vulnerability management, security monitoring, and threat detection.

The IT Security Assistant Manager will play a key role in supporting daily IT security and cybersecurity operations across BOC Europe entities (hereafter "the Bank"), with a particular focus on vulnerability lifecycle management, monitoring alert follow-up, and security event handling, thereby enhancing the overall cyber resilience of the Bank.

Main Responsibilities

1. Vulnerability Management

• Manage and follow up the full life cycle of vulnerabilities across the Bank, including identification, assessment, remediation tracking, validation, and closure.
• Coordinate with Head Office in China and local IT teams to perform threat and vulnerability assessment, to ensure timely remediation of identified vulnerabilities.
• Support targeted vulnerability analysis and risk-based prioritization.

2. Monitoring & Alert Management

• Follow up on alerts generated by the local IT operations monitoring platform, ensuring proper investigation, escalation, and closure.
• Coordinate with local IT teams to track resolution progress and ensure root causes are addressed.

3. Security Event & Threat Handling

• Monitor and analyze alerts and security events from the SIEM and threat detection platforms.
• Support security incident handling processes, including initial analysis, evidence collection, and coordination during incident response.
• Assist in identifying emerging threats and abnormal activities affecting the IT environment.

4. Operational & Governance Support

• Maintain accurate records related to vulnerabilities, alerts, and security events.
• Support cybersecurity-related reporting, KRI tracking, and documentation.
• Assist and coordinate on IT and cybersecurity awareness or training activities.

5. Documentation & Administration

• Support document management activities, including organizing, maintaining, and archiving security-related technical documentation.
• Provide support in daily operational and administrative tasks of the IT Security function.

Technical Skills & Qualifications

• Bachelor's degree or above in Computer Science, Information Security, Cybersecurity, or a related field.
• At least 3 years of working experience in IT security, cybersecurity operations, or a related role.
• Hands-on experience with vulnerability management platforms (experience with Tenable is considered a strong advantage).
• Experience in the daily operation or use of IT monitoring platforms (experience with SolarWinds is considered a strong advantage).
• Solid understanding of cybersecurity threats, including common attack techniques, vulnerabilities, malware, phishing, and lateral movement.
• Good knowledge of networks and operating systems.
• Familiarity with SIEM platforms and security event analysis is preferred.
• Good command of English, with the ability to communicate effectively in listening, speaking, reading, and writing.

Soft Skills & Attributes

• Strong analytical skills and attention to detail.
• Ability to follow up multiple tasks under pressure and meet deadlines
• Good communication skills, both written and verbal.
• Strong sense of responsibility and ability to work independently as well as in a team environment.