International business requires an international corporate philosophy. Are you open to new ideas and do you value cultural diversity? At Raiffeisen Bank International, we are pleased to have more than 16 million customers in 14 CEE countries. And our journey continues – with exciting new issues for us to tackle such as digitalisation and changing customer needs. Join us on our journey.
This function is responsible for development and maintenance of the group wide strategic Information & Cyber Security risk management program.
This function transforms the requirements from internal and external regulations into processes on group level as well as develops metrics for ongoing performance measurement and reporting.
The Information Security Compliance and Risk Manager leads and participates in the conceptual design and the management of Information & Cyber Security processes and tasks including the definition, maintenance and tracking of security regulations, risk management, definition of mitigating measures, etc. within RBI Group.
What you can expect:
What you bring to the table:
- Develop and maintain group security regulations (policies and standards) according to international security standards (e.g. ISO 2700x, NIST, etc.).
- Improve and maintain groupwide Information security processes and procedures (ISMS)
- Definition of methodologies for risk identification, evaluation and treatment including reporting.
- Ensure the Information & Cyber Security program is compliant to internal and external regulations.
- Analyze and evaluate risks of security relevant changes in projects or run-the-bank operations as well as identify vulnerabilities/security risks and draw up proposals for improvements and/or initiate countermeasures
- Consult business and IT functions in non-security projects regarding information & cyber security risks and the definition of adequate measures.
- Advice managers of RBI Austrian Equity Investments units on the implementation of group security policies/standards/guidelines.
- Maintain relationships with key partners within the business units as well as in the Second Line of Defense units
- Foster a culture that promotes Information & Cyber Security within RBI Group and act as a bridge builder in areas of conflicts
- Research, evaluate and recommend evolving Information & Cyber Security topics including upcoming regulatory requirements and develop business cases for investments.
What we offer:
- Expert knowledge and experience in Information & Cyber Security Management with regards to processes, concepts, methodologies, technologies and products
- Have a master’s degree in security/engineering, computer science or business information systems or adequate practical experience
- Enthusiasm for reading, interpreting and translating laws and regulations to security requirements
- Knowledge of principles used to manage risks related to the use, processing, storage, and transmission of information or data
- Knowledge and interested in network security architecture concepts, application security, emerging IT and cybersecurity technologies
- Practical experience in IT security in large enterprises
- Strong coordination and excellent communication and presentation skills within an international environment
- Ability for independent decision-making and issue resolution
- Strong team orientation
- Excellent command of written and spoken English, German is an asset
- Experience with the implementation of ISO-27001 compliant ISMS is an asset
- Vendor independent security certifications (e.g. CISA, CRISC, CISSP...) are an asset
- Experience in a large international banking environment is an asset
- Join our dynamic and motivated team in one of the leading banking groups in Austria and Central and Eastern Europe
- EUR 46.500,- annual gross salary excl. overtime – additional payment according to skills and experience
- Work-Life balance due to variable working hours
- State of the art learning and development opportunities
RBI AG is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ethnicity, race or color, national origin, religion, political or other opinion, gender, sexual orientation or disability.