International business requires an international corporate philosophy. Are you open to new ideas and do you value cultural diversity? At Raiffeisen Bank International, we are pleased to have more than 16 million customers in 13 CEE countries. And our journey continues – with exciting new issues for us to tackle such as digitalisation and changing customer needs. Join us on our journey.
This function is responsible to identify improvement areas of the implementation of security controls within RBI. Main tasks are performing security assessments, evaluate risks of findings and support the affected business unit in mitigating the risks to an acceptable level.
This function transforms the requirements of internal and external regulations into processes on group level as well as develops metrics for ongoing performance measurement and reporting.
What you can expect:
What you bring to the table:
- Perform security control assessments as 2nd Line of defense function, to verify the implementation of security controls within RBI environment, including management reporting of the results.
- Perform technical security compliance checks on applications/systems to identify risks.
- Recommend and advice on the implementation of security controls.
- Support RBI red team / blue team initiatives
- Advice managers of RBI Austrian equity investment units on the implementation of requirements from group security policies/standards/guidelines.
- Assist business units and IT staff in understanding and responding to security findings reported by internal and external audits.
- Analyze and evaluate risks of security relevant changes in projects or run-the-bank operations as well as identify vulnerabilities/security risks and draw up proposals for improvements and/or initiate countermeasures
- Assist in developing new processes and procedures to improve the assessment process.
- Maintain relationships with key partners within the business units as well as in the 2nd Line of defense units
- Foster a culture that promotes Information & Cyber Security within RBI Group and act as a bridge builder in areas of conflicts
- Develop and maintain group security regulations (policies and standards) according to international security standards (e.g. ISO 2700x, NIST, etc.).
- Research, evaluate and recommend evolving Information & Cyber Security topics including upcoming regulatory requirements and develop business cases for investments.
What we offer:
- Expert knowledge and experience in performing technical security audits/assessments
- Expert knowledge in network security architecture concepts, application security, emerging IT and cybersecurity technologies
- Knowledge in Information & Cyber Security Management with regards to processes, concepts, methodologies.
- Previous work experience as a penetration testing expert is an asset
- Red Teaming experience is an asset
- Practical experience in IT security in large enterprises
- Strong coordination and excellent communication and presentation skills within an international environment
- Ability for independent decision-making and issue resolution
- Strong team orientation
- Have a master’s degree in security/engineering, computer science or business information systems or adequate practical experience
- Excellent command of written and spoken English and German
- Experience with the implementation of ISO-27001 compliant ISMS is an asset
- Vendor independent security certifications (e.g. CISA, CRISC, CISSP, CEH, ...) are an asset
- Experience in a large international banking environment is an asset
- You’ll work in an international team at a leading bank
- You’ll benefit from flexible working arrangements and determine your own work-life balance
- You’ll benefit from the very latest in tailored professional development
- You’ll earn an appropriate salary starting at 46.500 gross p.a. excluding/including overtime
RBI AG is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ethnicity, race or color, national origin, religion, political or other opinion, gender, sexual orientation or disability.