Description
Division:
Risk Management – Technology & Cyber Risk
Description of the role
The Risk Management division forms part of Euroclear's second line (of defense). Its mission is to support Euroclear in achieving its goals and delivering its strategy by providing robust, independent oversight of risk-taking activities across the Group.
The Cyber Risk Domain Manager is a senior expert within the Risk Management division, providing expert input and recommendations on the identification, assessment, and mitigation of cyber risks across the organization. This role is responsible for ensuring that cybersecurity policies, procedures, and controls are strategically aligned with internal standards and regulatory requirements. The Cyber Risk Manager is instrumental in influencing the design and selection of controls to protect information systems and organizational assets from cyber threats. This role would include ownership of risk oversight for security-related areas such as access management, network/application/platform security, etc.
Key Responsibilities
* Evaluate, test, recommend, develop, coordinate, monitor, and maintain cybersecurity policies, procedures, and systems (hardware, firmware, software);
* Review and challenge cybersecurity architecture, designs, plans, controls, processes, standards, policies, and procedures to ensure alignment with security objectives and IS standards;
* Identify cyber risks and exposures, determine causes of security incidents or violations, and suggest procedures to halt future incidents;
* Participate in the investigation and resolution of cybersecurity incidents, recommending enhancements to improve the organisation's security posture;
* Provide risk assessments and recommendations for the design, development, and implementation of cybersecurity controls and software;
* Advise on the selection of controls designed to prevent intentional or inadvertent access, modification, disclosure, or destruction of information assets;
* Identify and analyze operational risks for IT systems security;
* Provide guidance and direction within IT and among users for the protection of information systems, corporate information, and intellectual property assets.
Required Qualifications
* Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience);
* At least 7 years of experience in cybersecurity, information security, or a similar area;
* Strong knowledge of cybersecurity standards (e.g., ISO 27001, NIST CSF, COBIT);
* Demonstrated analytical and problem-solving skills;
* Excellent written and verbal communication skills in English;
* Professional certifications (e.g., CISSP, CISM, CISA, CRISC or equivalent) are highly desirable.
Soft Skills
* Strategic thinking and the ability to influence and advise senior stakeholders;
* Strong attention to detail and a methodical approach to problem-solving;
* Ability to work collaboratively within a team and communicate effectively with both technical and non-technical stakeholders;
* Eagerness to learn and develop new skills in cybersecurity and risk management;
* Takes ownership: self-motivated, self-organised and demonstrates good judgement to set priorities and make decisions autonomously, and to coordinate accordingly;
* Ability to manage time and priorities effectively, especially when handling multiple tasks or deadlines.