Sr. Information Security Officer, Managing Director

1 day ago


Paris, France State Street Full-time

State Street Bank International GmbH (‘SSBI’) seeks to recruit a Senior Information Security Officer, Managing Director (Sr. ISO) to improve the overall protection of SSBI, its customers and partners from an evolving and sophisticated threat landscape.

The candidate should have a proven track record in global cyber security and as a risk leader who has experience in delivering on strategic outcomes with business operational quality and a focus on business needs. The candidate should have experience in large scale cyber transformations and execution.

The SSBI Sr. ISO reports to the SSBI Chief Governance Officer and closely cooperates with the SSBI Head of IT and the wider management team. Key stakeholders include:

  • Information Security Officers
  • Business and Functional Leaders
  • Cyber Fusion Center
  • Cyber Architecture & Security Engineering
  • First Line Risk and Controls
  • 3LOD Partners

The SSBI Senior Information Security Officer (Sr. ISO) will drive compliance with GCS security controls in the business unit/region/country/functional area which they represent. The Sr. ISO will serve as a trusted and influential information security advisor to senior-level business management in a large organization.

The SSBI Sr. ISO roles and responsibilities are defined under five domain areas with the following objectives and specific responsibilities for each domain:

Information Security program development and management

Objective: Develop and manage the information security program within the business unit to drive compliance with information security supplemental requirements and reduce risk

  • Identify senior business management and build relationships to ensure effective information security governance is established - strategy with goals and objectives, strategic alignment, roles and responsibilities, performance measurement, outcomes
  • Understand context of the business unit - internal and external issues, organizational structure, organizational drivers, geography, strategy, legal and regulatory requirements
  • Develop an information security strategy aligned to the business unit strategy, defining the goal of information security, objectives and the desired state
  • Develop and maintain an information security policy, associated standards and procedures
  • Define the activities to be performed within the information security program, and assign ownership
  • Establish relevant metrics to evaluate the effectiveness of the information security program
  • Monitor and review the information security program, to ensure continual development and improvement

Risk and Incident Management

Objective: Manage information security risk and incident response, from assessment through mitigation of risk, and throughout the entire lifecycle of incident management

  • Support the business unit in identifying high risk/critical processes and technology, ensuring they are inventoried, ownership is assigned and that regular reviews are carried out
  • Assess information security risk associated with high risk/critical business processes and technology, and apply information security supplemental requirements to mitigate risk
  • Integrate information security risk review into lifecycle processes such as Incident Management, ASAP, ISRMP, TPRM, BCP, SDLC, Change and Project management
  • Attend risk and technology committees, identifying, documenting and communicating information security risks. If risk and technology committees do not exist, work with the business unit to establish forums for discussion
  • Act as Information Security representative during regulatory and statutory engagements
  • Review and approve non-standard access for high risk access (e.g. blocked web sites, mass storage, application access, non-standard device and non-expiring passwords, process and system IDs)
  • Participate in security incident response program representing the business area to detect and respond to incidents in a timely manner. Post incident, provide support to the business to identify control gaps.

Measurement

Objective: Develop metrics for measuring the information security program and related activities

  • Establish and agree on appropriate reporting with senior management to give a view of the state of information security throughout the business unit
  • Complete the quarterly ISO maturity assessment to provide a clear understanding of the maturity of the implementation of the ISO framework
  • Identify failed business controls and provide support on remediation to drive compliance with information security supplemental requirements
  • Create development plans for all information security resources to ensure continual improvement

Communication

Objective: Establish internal and external communication channels that support information security

  • Report on potential business impact of proposed new information security supplemental requirements, and of security risks from new business initiatives
  • Report significant changes in information security risk to appropriate level of management for review on both a periodic and an event driven basis
  • Provide regular communication on threat intelligence relevant to the business unit, and issue guidance on supporting controls
  • Report on impact or potential impact of security incidents to senior management

Education

Objective: Maintain up to date knowledge of evolving information security threat landscape and provide information security awareness, training and education to key stakeholders

  • Design and develop an interactive and engaging program for information security awareness and training, which is relevant to the business unit and encompasses the current threat landscape

Furthermore, the Sr. ISO (MD) is responsible for:

  • Global collaboration: Collaborate with Global Cyber Security and assigned business partner teams to ensure the business aligns its plans so that security policies and standards are enforced in its products and services
  • Team management: Create a high performing team and environment that promotes continuous growth opportunities

Education & Preferred Qualifications

The Sr. ISO (MD) should possess the following skills/experience:

  • 12+ years of experience in cyber security risk and controls, a security related field or other information risk management function
  • Experience with communicating with the European Central Bank
  • Modern technical aptitude and experience developing and implementing large-scale innovation.
  • Interaction with governing bodies, i.e. ECB, Bafin, Bundesbank, Prüfungsverband, etc.
  • Depth with modern technology stacks – n-tier, cryptography, data science, machine learning, cloud (hybrid)
  • Project Management experience leading large and small technical teams.
  • Experience operating in regulated environment
  • CISA, CISM, CISSP or similar certification required or an agreed upon plan to achieve this certification within 1 year of hire
  • Bachelor’s degree or equivalent in a relevant field

Critical Leadership Capabilities

  • Driving results
  • Strategic Thinking
  • Collaborating & Influencing
  • Change Management
  • Senior Executive communication
  • Personnel Management
  • Project Management