Dec 01, 2021

Information Security & Risk Analyst

  • Swissquote
  • Gland, Switzerland
Full time Banking Information Security

Job Description

As an Information Security & Risk Analyst, you will work with development teams, product managers and other stakeholders to contribute directly to our success. You will ensure that best practices for information security are implemented and maintained for building, deploying and supporting Swissquote in-house application and software integrations.

You will be responsible for reviewing, advising and enforcing security concepts for a variety of digital solutions from across our organization. You will also support IT teams and DEV squads in designing applications and platforms in a secure way. The role is about all areas of information security : risk management of complex applications, governance, incident management, security awareness, pentest coordination… At Swissquote, we don't know what routine means.

Responsibilities

Governance

·         develop, maintain and publish up-to-date (Company) information security policies to accommodate business and regulatory evolution

·         monitor IT compliance with banking industry regulation and applicable laws (FINMA, LPD, GDPR,...)

·         support the CRO, Executive Management and Risk Committee with regular reporting on security controls and measures

·         design and drive the implementation of operational and administrative controls

·         support the team to operate and optimize controls

·         report thereon

Awareness program

·         participate in definition of objectives

·         evaluate training

·         liaise with HR to monitor implementation of security trainings

Audits & pentests

·         support internal and external audit process

·         organize pentests

·         coordinate remediation plans with technology teams

Risk management

·         maintain IT Risk register

·         perform security and risk assessments of new business projects and support business teams in applying mitigations measures

·         assist and support clients and partners on security-related topics and queries

Security Operations

·         operates security solutions (DLP, SIEM, EDR and other Detection and Response Tools)

·         monitor exception management process, assess and document requests

Business Continuity

·         continuous improvement of Framework

·         monitor and coordinate tests with internal and/or external stakeholders

Incident Management

·         coordination with Operation in case of cyber or BCP incident

·         forensic of Cyber Incidents

Qualifications

Bachelor or Master in Computer Science or similar

Very strong analysis skills

Excellent English communication skills, oral and written

Knowledge in Risk Framework and Audit Framework (NIST, COBIT, ....)

Minimum 3-5 years of experience in a similar position

Basic knowledge of scripting (Python, Bash) and programming (Java, C)

CISSP, CISA or similar qualifications are a plus

Additional Information

A BANK THAT DOESN'T LOOK LIKE ONE
Located near Geneva and the lake, our Headquarters gathers 600 of our employees: young (34 years old average), multicultural (50 nationalities) and wearing what suits them best. You will find a friendly atmosphere in an open and inclusive environment. Spacious offices, home-office policy, outdoor terrace, sports clubs and even... a real Pub for after-work moments.

Make your move in a challenging environment that offers you an exciting opportunity to boost your career and develop solid banking and financial business expertise.