Information & Cyber Security Manager – Software Development background (m/f)
This function transforms the strategic requirements from the overall strategy into processes on group level as well as develops metrics for ongoing performance measurement and reporting.
In scope are design, implementation and continuous improvement of Cybersecurity services and processes, such as SIEM/SOC, Data Leakage Prevention, Incident Management, Cloud Security, Vulnerability Management, Penetration Testing, Application Security, etc.
Focus on design of Information Security aspects in particular of software development.
Responsibilities include definition of suitable standards, frameworks, methodologies processes and assurance that all information security measures are adequately implemented to prevent business disruptions or harm to RBI group resources (data, systems), e.g. through electronic fraud, cyberattacks, advanced persistent threats (APT), distributed denial–of-service attacks (DDOS), or similar.
What you can expect:
- Develop and maintain group security regulations (secure coding policies) according to established security standards
- Conduct security risk assessments and compliance checks to identify the effectiveness of controls and the derived risk status within RBI Group
- Advice local security managers of RBI network units and the relevant stakeholders in head office on the implementation of group security policies/standards/guidelines and the effectiveness of security measures
- Analyze and evaluate risks of security relevant changes in projects or run-the-bank operations as well as identify vulnerabilities / security risks and draw up proposals for improvements and/or initiate countermeasures
- Participate in security projects (as business representative for security management)
- Advice local security managers of RBI network units on the implementation of group security policies/standards/guidelines and the effectiveness of security measures
- Support establishment and maintenance of group wide security services including cost, contract and vendor management
- Research, evaluate and recommend evolving Information & Cyber Security technologies
- Foster a culture that promotes Information & Cyber Security within RBI Group and act as a bridge builder in areas of conflicts
- Maintain relationships with key partners within the business units as well as within the Second Line of Defense units
- Expert knowledge and experience in Information Security with regards to concepts, methodologies, technologies and products
- Have a master degree in Security/Engineering, Computer science
- Deep knowledge of and experience in software development
- Deep knowledge with security systems and processes (SIEM, DLP, IAM, Encryption, Network security including Firewalls, WAF, IPS/IDS, …)
- Expert knowledge in technical Information security architecture
- Expert knowledge in security in Web-technologies (e.g. Application Security, API-Security, Mobile Security) and penetration testing experience
- Practical experience in IT Security area in large enterprises
- Ability for independent decision-making and issue resolution
- Strong team orientation
- Good command of written and spoken English and German
- Security certifications (e.g. CEH, ECSA/LPT, CISP, CCSP…) are an asset
- Experience in a large international banking environment is an asset
What we offer:
- You’ll work in an international team at a leading bank
- You’ll benefit from flexible working arrangements and determine your own work-life balance
- You’ll benefit from the very latest in tailored professional development
- You’ll earn an appropriate salary starting at EUR 46.500 gross p.a. excluding overtime
RBI AG is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ethnicity, race or color, national origin, religion, political or other opinion, sex, sexual orientation or disability.