Head of Security Governance and Assurance
Jobbeschreibung
Basel, Basel-Stadt, Schweiz
BIS Bank for International Settlements
03.05.2024
Möchten Sie Updates für diesen und ähnliche Jobs?
Purpose of the job:This role defines, implements and operationalises
the Bank’s second line of defence monitoring activities for cyber
security risk. Your main duties will be to lead our second line
cybersecurity compliance monitoring programme, direct our cyber
security governance function and to manage our cyber security advisory
service. A key part of your role will be to oversee the development
and maintenance of the Bank’s security policies, standards and
guidelines in the context of our new 3LoD risk management framework.
You will be also responsible for our cyber security advisory and
assurance activities, undertaking tasks such as tracking internal
audit findings, reporting against any operational risk remediations
and reporting to Executive audiences on the Bank’s cyber security risk
threats and/or response measures.By joining the team:You will have the
opportunity to lead a talented group of cyber security specialists who
are highly committed to ensuring the security of the Bank’s technology
transformation programYou will sharpen your skills at gathering,
analysing and preparing data and reports on the Bank’s cyber security
performance for a range of senior executive audiencesYou will be part
of a group of line managers who support one another through the use of
their respective specialist technical skills, but who work as a
teamYou will work with a truly international team of security and
Banking risk professionals with a diverse set of personal and
professional backgrounds and experiencesKey responsibilities
include:Security governance:Lead the development of security-related
policies, procedures, guidelines and technical standardsDrive the
cyber security risk management functionManage internal audit workload
responsesManage responses to the Bank’s operational risk
management-related activitiesMeasure and report on cyber resilience of
Bank’s critical processesSecurity advisory and assurance:Develop,
maintain and evolve the cyber security compliance metrics and
reporting programEnsure effective monitoring, analysis, reporting and
escalation of security risks as a second line control functionEnsure
the provision of clear security advice and coherent project governance
requirements to project managersSecurity testing:Ensure the
orchestration of security testing activities including phishing,
social engineering, penetration tests and red/blue team
exercisesAwareness and training:Run Bank-wide cybersecurity awareness
and training programs, including advanced cybersecurity training
programs for IT professionalsLeadership responsibilities:Lead and
develop a driven and dedicated team of strongly performing
cybersecurity specialists, including staff and
contractors.Qualifications and experience:Extensive organisational
‘in-house’ skills in an audit, security or other complex process
assurance function, preferably in an enterprise technology context
(min. 8 years)Expertise at complex process mapping or framework
application work, preferably in a banking or technology risk
contextProven ability to drive the implementation of a data-driven
risk or security monitoring function, in a second line of defence
roleExperience at applying a risk-based, threat-led analytical
approach to digital security or technology risk issuesStrong expertise
in operationalising the 3 line of defence model (3LoD), preferably in
a banking or technology risk contextAbility to design and implement
robust and efficient risk management processes in line with broader
risk management frameworksStrong people leadership skills, grounded in
a genuine concern for the wellbeing of staff and strong verbal
communication skillsStrong communication skills, with a proven ability
to explain and clarify highly technical security or risk matters to
non-technologist audiencesA demonstrated positive growth-mindset, with
a passion for continuous learningFluency in English, both written and
oral communicationWho we are:The Bank for International Settlements is
a diverse and inclusive organisation with colleagues from over 60
countries. By joining us in the international city of Basel, you will
work in a unique, highly rewarding and international work environment.
We truly value diversity and inclusion and want to reflect the world
we serve. We want the best people to work for us in an inclusive
environment so welcome applications from all qualified candidates. At
the BIS, we value equality and diversity in all its forms and one way
we support diversity and inclusion is through our staff-run networks.
You can discover more about diversity and inclusion at the BIS
here.What the BIS offers:In return, we offer a competitive
compensation package, including a comprehensive set of expat and
relocation benefits and allowances. In addition, thanks to our status
as an international organization, we can hire globally and welcome
applications from candidates of all nationalities and located anywhere
in the world.