Security risk officerIch möchte mich bewerben
Opportunity at Worldline Group Security
The core competence of Worldline is our digital infrastructure, the basis for all our products and solutions. It is through our Technology and Operations units, where Group Security is present, that we fulfil our promise to the customer. Here is where transactions are being processed via state-of-the-art platforms and data centres and the future of payments is being prepared.
Worldline’s culture and governance embeds mature and proactive security standards in line with the ambition of our premium brand positioning, driving enhanced value for the business, for our customers. Our Security Officers around the globe, with great expertise and deep engagement, have implemented strong processes to support business and they play a key role in maintaining and expanding our security ambition. Are you thriving working in a multicultural environment and ready to improve your expertise in cybersecurity? If so, an opportunity has arisen to join the Group Security Organization.
Your day-to-day responsibilities include:
- Connect with the business and articulate the risks and risk processing activities (organizational, procedural and/or technology) in business language to the business stakeholders.
- Manage and maintain the Information security risk assessment program (incl. Business Impact Analyses, Information Risk Processes and Compliance) at Group Security Level.
- Enforce asset classification and ensure with all GBLs and stakeholders security assessments are conducted on all critical platforms.
- Deliver information security risk assessments of the current infrastructure, projects, new technologies, external service providers and Information Security related changes.
- Support the execution of security risk assessments of third parties and partners in line with the Global Offshore Office.
- Contribute in the adequate integration of the Information security risks approach within the corporate risk management framework.
- Guide staff and managers on the appropriate risk mitigation strategies.
- Manage the communication and reporting on risk metrics supporting the overall Information Security (dashboard) reporting.
- Support quality assurance reviews of security requirements in Security Development Lifecycle Management and Project Management.
- Continuously assess the shortfall between both actual security measures in place and being effective and those established at a policy level thus highlighting deficiencies for remedial action.
- Support the implementation and management of a GRC (Governance, Risk and Compliance) tool.
- Support business in responding to customer RFP in regards to information security management topics, and certification and standards compliance.
- Consolidate security deviations, follow up on the handling of expired and non-compliant deviations from GBLs
- Consolidate and analyze aggregated security risks and remediation plan at group level
Skills we can’t do without:
- Minimum 10 years of relevant experience.
- Good communications skills and strong knowledge of spoken and written English.
- Technical background with a strong understanding of security concepts and practical usage.
- Proactively seeks to improve security processes and implements best in class solutions, raising security awareness and overall security measures.
- Ability to work efficiently with minimal oversight/direction remotely, adjusting to changing priorities, circumstances and personal interaction styles.
Skills we’d like:
- An academic degree in IT, IT Security, engineering or other related field
- Experience in working in transversal teams and business units across borders.
- Experience in applying and improving corporate policies in line with security standards, regulations and best practices in the financial industry (e.g. ISO 27k, PCI-DSS, NIST CSF, ECB CROE).
- Security certifications that evidences understanding of network, infrastructure and application security (e.g. CISSP, ISO 27k Lead Implementer).
- Minimum of 4 years’ experience in a similar role within a Global Organisation.
Once you join, you will be part of a pioneering and growing worldwide security expert community. You will acquire knowledge on security best practices and contribute to our continuous improvement initiatives to learn and acquire new skills that will expand your professional competency.
Depending on your specific ambition, we are committed to providing the opportunity to both lead and innovate exciting large-scale projects that significantly impact the overall security posture of Worldline businesses across the world.