Operational Risk and Advisory IT and Information Security Specialist

Job description

Job Description

The position of Operational Risk and Advisory Specialist is within the Operational Risk Function, a critical component of the second line of defense. This role is responsible for providing comprehensive oversight of operational risk activities, with a strong emphasis on new technologies, information security, and cyber risks. The Operational Risk function engages in advisory, risk assessment, analysis, and reporting to the Bank's governing bodies.

Main tasks

• Development, implementation and execution of risk activities:
  • Improving the risk management framework in terms of risk assessment and advice, particularly in relation to new technologies, information security and cyber risks.
  • Work with business units to integrate advanced risk management practices into their operations.
• Risk assessment and analysis:
  • Perform ad hoc risk assessments and analysis, particularly related to information security and cyber threats, to identify potential issues and propose effective mitigation measures.
  • Carrying out incident analyses to determine the causes, identify risk mitigation measures and ensure implementation.
• Consulting:
  • Advising business units, including the review of the internal control framework with a focus on IT and information security, in order to support the sustainable business development of the bank.
  • Expert tips on risk mitigation strategies, particularly in relation to information security and new technologies.
• Reporting and communication:
  • Reporting and presenting risk assessment findings to the risk management leadership group and other relevant stakeholders, with a focus on cyber risks and technology vulnerabilities.
  • Preparation of detailed risk reports and presentations for management review.
• Introduction of digital solutions:
  • Actively participate in the introduction of new digital solutions to support the implementation of the internal control system globally to ensure that these solutions address information security and cyber risk management concerns.

Requirements

• University degree in business administration, economics, natural sciences, information security or a related field.
• 10 years of professional experience, including consulting or audit at a leading professional services firm and/or in a comparable position at a market-leading bank.
• Solid understanding of core banking systems, end-to-end transaction processing and cyber security principles.
• Proven ability to write reports and communicate effectively with a senior audience.
• Excellent analytical skills and a structured approach to problem solving and reporting.
• Exceptional communication skills in English, both written and spoken.
• Ability to work autonomously and as part of a global team in a fast-paced environment.
• Experience with new technologies and a deep understanding of information security and cyber risk management.

We offer

• Sense of responsibility: Taking responsibility for tasks and challenges as well as continuous improvement.
• Hands-on: Proactive approach to deliver high quality results quickly.
• Passionate: Commitment and striving for excellence.
• Solution-oriented: Focusing on customer outcomes and treating customers fairly with a risk-aware mindset.
• Partnership: promoting cooperation and teamwork. Working together with an entrepreneurial spirit.