Principal Information Security Expert, VP

Description The Divisional CISO function is an integral part of Corporate Bank (CB) – Non-Financial Risk team. It assists the business to identify, analyse, monitor and mitigate information security risks in order to meet the Audit and regulatory requirements. The team acts as interface between various CB divisions and Central CISO team as well as with IT and various second line functions (NFRM, VRM, Compliance, Legal, DPO, etc.). This requires interaction with stakeholders on daily basis. The role entails covering applications, organisation and region from information security perspective. This position will be part of a global CB Divisional CISO and Technology Risk - CB,IB &CBIB Ops teams. The role holder will be reporting to the CB Divisional CISO. What we’ll offer you As part of our flexible scheme, here are just some of the benefits that you’ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Understand and analyze business setting from an information security perspective Perform risk assessments on complex applications, vendors, processes and projects from an information security perspective. Identify security gaps, evaluate options for remediation, define and implement check points and compensating controls. Assessing and determining appropriate controls on unstructured data hosted on internal and external data rooms. Acting as key contact for external Auditors. Support on inquiries from internal and External Audit, regulators and clients. Supporting the Business by acting as advisor on information security themes and questions. Interacting with and educating the business on information security risks and controls and handling sensitive data. Analyzing and redesigning access management processes (request and approval) as well as Identity & Access frameworks. Owning and remediating of Audit findings and self-identified issues. Covering regulatory and control frameworks topics such as PSD2 and Third Party Mandated Applications (TPMA). Reviewing and coordinating the feedback of information security policies and procedures. Representing CB and CB Divisional CISO team in global meetings and committees, such as Group ISEC regular meetings. Your skills and experience Technical Skills Advanced presentation/interactive skills sufficient to convey complex conceptual information/ideas on issues requiring interpretation and opinion. Certifications such as CISM, CISSP. Interpersonal Skills Strong operational and people management skills, including the ability to operate within a diverse team. Excellent partnering skills and stakeholder management. The ability to successfully navigate a complex organisation, build strong relationships and work collaboratively with business and management teams and with other control functions. Excellent stakeholder engagement and delegation skills. Experience At least 10 years of experience in information security, operational risk, Audit, Consulting, etc. Background in the business or having strongly worked with a business unit Prior experience in a non-financial risk environment (e.g. in BISO, TISO, ORM, Audit, Data Privacy) Preferably knowledge of Corporate Bank products and its business areas. Good understanding of major business and operational risk processes. Personal Characteristics Strategic, however hands on in the detail (diligent). Unquestionable personal integrity and ethics. Excellent analytical and communication skills, oral and written. Independent in judgement, strongly self-motivated with the ability to challenge and be challenged whilst maintaining the highest levels of professionalism. Team player and strong networker. Flexible, open to change and to a global and diverse culture. Fluent in English How we’ll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs