Job
- Level
- Experienced
- Job Field
- IT, Security
- Employment Type
- Full Time
- Contract Type
- Permanent employment
- Location
- Saarbrücken
- Working Model
- Onsite
Job Summary
In this role, you will assess information security compliance, develop audit plans, identify risks, and document security requirements to ensure optimal security standards in collaboration with internal and external stakeholders.
Job Technologies
Your role in the team
- This position assists Compliance and Information Security in providing independent internal control evaluations, auditing, monitoring, and reviewing activities performed by the 1st line of defense, including 3rd party providers/outsourcing in relation to information security relevant domains.
- This role will work to ensure ongoing information security compliance by identifying information security risks or non-compliances against the internal information security baseline, industry security standards and frameworks, relevant laws and regulations, and industry best practices.
- This position also assists in maintaining and developing appropriate policies, procedures, and other relevant documentation for Information Security Compliance Evaluation functions and the entire organization.
- Define and execute information security audit/control plans on ODDO BHF's ecosystem internally and for external suppliers/outsourcing, by identifying the control objectives in conformity with information security related standards (ISO 2700x, BSI, NIST etc.)
- Define and execute the plan for monitoring and reviewing the results of the self-assessment process on a risk-based approach.
- Verify the implementation status of control objectives and applicable security requirements by checking the provided evidence in support of the evaluation.
- Monitor the effectiveness of the compliance evaluation processes in accordance with agreed metrics and performance measures to drive continuous improvements
- Prepare IS Compliance reports and status reports, by documenting the identified information security non-compliances
- Actively communicate with asset/process owners and other stakeholders with the goal of identifying the information security non-compliances regarding third-party suppliers/outsourcing.
- Develop and maintain the policies, procedures, manuals, guidelines relevant to IS Compliance Evaluation function
This text has been machine translated. Show original
Our expectations of you
Education
- University degree in Computer Science/Information Security or related technical fields
Qualifications
- Ability to collaborate with other departments and stakeholders
- Technical certifications in Information Security and IT Audit
- A passion for accuracy and translating insights into a compelling narrative; able to maintain a balance between the details and the larger picture.
Experience
- Proven track record of work experience in ISM Control System related job positions
- Knowledge and experience on information security standards such as ISO 2700x, BSI, NIST
- Experience in planning and executing technical controls, monitoring and reviewing software and hardware security, and organizational controls.
- +3 years of experience in the same or similar positions in financial institutions
- Knowledge and/or experience with information security frameworks such as SWIFT, PCI DSS, SOX, DORA
This text has been machine translated. Show original
Topics that you deal with on the job
Job Locations
This is your employer
ODDO BHF
ODDO BHF is an independent European financial group specializing in Private Wealth Management, Asset Management, and Corporate Finance. With over 170 years of experience, the company offers comprehensive services in Equity and Debt Capital Markets as well as mergers and acquisitions.
Description
- Company Type
- Established Company
- Working Model
- Onsite
- Industry
- Banking, Finance, Insurance
Information Security Compliance & Audit
- Location
- Saarbrücken
- Working Model
- Onsite
- Diversity
- Open for all genders
