Job Description
This role holder will work with the EMEA Information Security Manager to provide divisional and Technology Service Provider Information Security support- They will work closely with and influence key Senior Management across the divisions, whilst developing and maintaining relationships and providing Information Security advice and guidance in line with Information Security policy- They will understand regional regulatory requirements to support compliance across the region- The Poland , Information Security Specialist will perform risk assessments of internal and external Information Security threat environments, including applications, infrastructure and business units-
Requirements
Technical Knowledge: · Significant experience and proven track record of delivery within IS, IT Security or Audit departments within financial institutions- · In-depth IT and Information Security knowledge and experience- · Broad specialist level knowledge of information security technology and IT infrastructure such as, UNIX, Windows, databases, network infrastructure, firewalls, Information security management tools, logging & monitoring tools, emergency envelope tools, Public Key Infrastructures, Cryptography- · Relevant Information Security qualifications (e-g- CISSP, CISM, CISA etc-) Any membership of a professional security organisation would be an advantage- (SANS/ISACA etc-) Experience: - Minimum 6 years experience working within an information security or audit role
- Experience of influencing at senior organisational levels-
- Working within and understanding a broad range of Banking business units (IB, Asset Mgmt, Retail, GTS etc-)
- Knowledge and experience of the legal and regulatory environments across all locations in EMEA
- Experience in driving change across complex and geographical spread environments
- Excellent English communication skills - written and verbal
- Proven track record working in a fast moving, client focussed Banking environment-
- Ability to write technical issues in business terms
- Proven ability to manage issues to closure across borders/territories-
- Strong EMEA orientation, prepared to travel regionally-
Responsibilities
- Build and maintain strong relationships with divisions in order to identify issues and drive Information Security compliance-
- Develop a thorough understanding of divisional business, systems and processes in order to provide tailored Information Security solutions and services whilst minimising impact or disruption to divisions
- Identify current risk position for divisions, identifying potential exposures and drive actions to address or mitigate Information Security risk
- Quality assure Exception To Policy's presented for approval to confirm risk statement and assess action plan adequately addresses the risk
- Perform security risk assessments or provide specialist Information Security input to support major change programmes
- Engage with business and technology projects to identify Information Security weaknesses in proposed systems / applications and develop appropriate solutions based on risk assessment
- Escalate where appropriate any failures to comply with Information security controls in application / system implementation
- Provide policy advice and guidance to business divisions and technology service providers
- Undertake targeted reviews of business divisions and/or IT systems to ensure compliance to IS policies-
- Support the production of high quality, informative and accurate management information for the division
- Provide input to Information Security related briefings and Threat Management Groups
- May be called upon to provide incident and investigations support
- Will be expected to deputise for the EMEA Information Security Manager when required
| 
