Information Security Manager

il y a 18 heures

Luxembourg China Merchants Bank Temps plein

H- Posted by
- Hongyi Xu- Recruteur Company: China Merchants Bank Luxembourg China Merchants Bank Co., Ltd., founded in 1987, is China’s first joint-stock commercial bank which has been ranked among China’s top commercial banks for many consecutive years. CMB set up a branch that provides commercial banking services in Luxembourg in March 2015 and acts as the gateway and regional headquarter of CMB group in Continental Europe. In May 2021, China Merchants Bank Co., Ltd., has the subsidies-China Merchants Bank (Europe) S.A. in Luxembourg.

**Responsibilities**:

- Developing and implementing policies and frameworks for IT security and risk management.
- Monitoring and managing the IT systems to ensure that they are secure.
- Conducting ICT and Cybersecurity Risk-Self Assessment, in line with both EU regulation and HO policies.
- Ensuring that IT control framework is aligned to the CMB HO framework when relevant.
- Identifying potential regulatory and non-regulatory IT risks through thorough and ongoing risk assessments (such as the possibility of system failure or data loss).
- Assisting in finding practical and cost-effective solutions to identified or revealed security and risk issues.
- Building and maintaining strong and effective working relationships and effective means of communication with other relevant functions such as IT, RM, LC, OP departments.
- Working closely together with internal and external auditors on ICT Risk topics.
- Design an extensive training program and organize regular training targeted to different functions within the Bank.
- Implement a set of Key Risk Indicators (KRI) and defining metrics to regularly measure control effectiveness.
- Providing regular reporting on the ICT risk exposure, mitigating efforts, key milestones, KRIs, escalation of operational events and breaches.
- Actively engaging in end-to-end risk remediation planning, resolution, and monitoring activities.
- Serve as the point of contact for all ICT Risk Management matters.
- Monitoring key trends in the regulatory environment and best market practices (including implementation of DORA, review of real case studies, following the latest industry best practices)
- Raising awareness: influencing behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.

**Profile**:

- Master's degree (information technology, computer science, information security or a related field).
- At least 6 years of professional working experience in ICT Risk Management or in IT.
- Familiar with applicable banking regulations and how they impact the information technology (IT) department.
- Strong interpersonal skills and the ability to develop effective trustworthy relationships with the IT, RM, LC departments and business stakeholders.
- Staying aware of Information Security current affairs, business continuity, data management, security and encryption, and vulnerability analysis and audit.
- Fluent in English and Chinese. Excellent communication skills, both written and verbal to be able to articulate complex IT risks in simple business terms.
- Any relevant certifications is a plus (CISSP, CISA, CRISC).
- Audit or controls background, Big Four experience a plus.

**Disclaimer**:
The preceding description is not designed to be a complete list of all duties and responsibilities.

  • Information Security Manager

    il y a 1 semaine

    Luxembourg Next Gate Tech Temps plein

    **What You Will Do**: In this role, you will be responsible for developing and implementing our organization's information security strategy, as well as ensuring compliance with relevant laws, regulations, and industry standards. You will work closely with stakeholders across the organization to identify and mitigate security risks, and be responsible for...

  • Security Incident Management Consultant

    il y a 2 jours

    Luxembourg Base Cyber Security Temps plein

    Are you an experienced incident response / incident handling professional? Ready for taking on a leading role, setting up and running a new layer of incident response capability to the security maturity of a Security Operations Center (SOC) servicing a global business via managed security services? Get the chance to contribute at high level by taking on a...

  • Information Security Oversight Manager

    il y a 2 jours

    Luxembourg PayPal Temps plein

    At PayPal (NASDAQ: PYPL), we believe that every person has the right to participate fully in the global economy. Our mission is to democratize financial services to ensure that everyone, regardless of background or economic standing, has access to affordable, convenient, and secure products and services to take control of their financial lives. Job...

  • Information Security Consultant

    il y a 2 semaines

    Luxembourg Lux-Advisory Temps plein

    **Mission** In support of the Risk Management team, the Consultant will provide the following services: - Establish risk guidelines for the information security strategy - Establish guidelines for the design of the information security controls - Align the risk appetite for security incidents and vulnerability management with the IT Security function -...

  • Information Security Consultant

    il y a 2 semaines

    Luxembourg Lux-Advisory Temps plein

    **Lux-Advisory **is a company specialized in project management and business analysis. Our consultants take part in European or International projects. To support the increase of our activity, we are currently looking for a **Information Security Consultant.** **Mission** In support of the Risk Management team, the Consultant will provide the following...

  • Information Security Officer

    il y a 2 semaines

    Luxembourg, Luxembourg Luxair Temps plein

    For our department IT Security within General Services, we are looking for a (an):Information Security Officer (m/f/x)Description:As Information Security Officer you will activelycontribute to maintaining and strengthening Luxair group's information securityposture.Drivenby a strong interest in cybersecurity, you will actively support the Head of...

  • Information Security Officer

    il y a 2 semaines

    Luxembourg Luxembourg Institute of Health Temps plein

    **About the Department of Medical Informatics (DMI)**: Across the last decades, data has become a cornerstone for multidisciplinary research, digital and precision health. At the LIH, the DMI is in charge of promoting and ensuring that researchers and clinicians can fully leverage patient information. With its expertise in Information Technologies (IT) and...

  • Senior) Information Security Manager

    il y a 2 semaines

    Luxembourg Riverty Group GmbH Temps plein

    At Riverty, we believe that everyone should be in control of their own financial situation. Our shared commitment is to make financial solutions more innovative, empathetic and user-friendly to empower financial growth for everyone. To do this, we rely on 50 years of experience and the commitment of over 5,000 creative minds, innovators and explorers in 11...

  • Information Security Officer

    il y a 1 semaine

    Luxembourg EFA Temps plein

    **Your responsibilities**: - Perform controls and reviews to ensure and validate conformity with defined security standards and framework NIST, ISO 27001 - Have a good knowledge of regulatory requirements (DORA, NIS ) - Manage or participate in technical projects to improve IT security - Perform IT security assessments and recommendations related to...

  • Information Security Officer

    il y a 2 semaines

    Luxembourg Findel Airport ING Temps plein

    Information Security Officer In order to strengthen the delivery organisation, ING Luxembourg is looking for an Information Security Officer on a temporary contract bases. Job description: Your mission will be to reinforce a team of Security Officers in order to maintain the bank within its IT risk appetite and participate in the implementation of the DORA...