Information Security Expert
The role of an Information Risk Manager is pivotal in today's digital landscape. As a key member of the organization, you will be responsible for identifying and mitigating potential risks related to information management.
You will work closely with various business units to ensure that their risk management processes are up-to-date and compliant with regulatory requirements. This includes participating in risk assessment processes for strategic projects and programs, challenging results, and identifying measures to mitigate risks.
One of your key responsibilities will be to support the DORA readiness of the organization by reviewing activities from all 5 pillars of the regulation. You will also assist with strategic and ad-hoc risk analyses, risk papers, and risk reports. Additionally, you will be responsible for assessing and responding to regulatory changes and audit reports.
A critical aspect of this role is ensuring the effective implementation of IT policies and security frameworks throughout the organization. This includes verifying the implementation of information security controls and evaluating their effectiveness. Furthermore, you will provide expert advice to management on matters related to information risks and promote security awareness across the entire organization.
As a valued partner, you will be expected to maintain strong relationships with stakeholders while remaining fully independent. To excel in this role, you must have excellent analytical, coordination, and organizational skills. Strong communication skills are also essential for presenting complex information risks to various stakeholders.
In order to succeed in this position, you should possess a Master's degree or equivalent in Information Security or a related field. Your experience in IT/Information Security/IT Audit or Risk Management areas should exceed 7 years. Fluency in English and French (written and spoken) is also required.
Your Responsibilities:
* Support the information risk management of the bank by providing daily support and challenge to all businesses.
* Participate in risk assessment processes in all strategic projects and programs, challenge results, and identify risk mitigation measures.
* Support the DORA readiness of ING Luxembourg by reviewing activities from all 5 pillars of the regulation.
* Support strategic and ad-hoc risk analyses, risk papers, and risk reports with fact finding, research, and documentation activities.
* Support assessments and responses to regulatory changes and audit reports.
* Contribute to, measure, and report on the implementation of IT policies and security frameworks throughout the organization.
* Verify the implementation of information security controls and evaluate their effectiveness.
* Advise the bank management on any questions related to information risks.
* Promote security awareness continuously across the whole firm.
* Present information risks in a clear and comprehensible manner to your stakeholders.