Technology & Security Risk Specialist
Location: Luxembourg / Amsterdam
Department: CISO Office
Vacancy type: Permanent
We are looking to grow our dynamic team of risk specialists with a newly created position. The Technology & Security Risk Specialist will support the CISO office and GRC to enhance and mature the Information Security and IT Risk Management framework across the firm globally, ensuring an expansive and robust framework from which the business can proactively identify, assess, manage IT and data related risks.
This role forms an integral part of the Global Risk and Compliance Team and reports to the Global Chief Information Security officer in the 2nd line of defence. The role work closely with the Information risk team in India and alongside the Senior IT Risk Manager in the UK.
As Technology & Security Risk Specialist you will collaborate closely with other risk management peers and work closely with the Global IT management team to ensure alignment of common objectives and focus areas. Stakeholder management is a key success factor to this role.
- Embedding the Information Security and IT Risk Management framework within the local jurisdictions, specifically Luxemburg and Western Europe but with a global view.
- Driving firm-wide risk policy enhancements, consistent distribution of the policies, oversight of policy implementation and procedure/standard alignment
- Ongoing assessment and recalibration of the global risk appetite framework across all functions and locations
- Creating and overseeing the Material Risk framework (“top risks”) and how to categorise, quantify and oversee them
- Management of risk specific governance committees including the Global Risk Oversight Committee (GROC)
- Setting the risk training requirements of the firm at all levels, helping to drive and embed risk awareness and culture across the Group
- Setting the risk response framework to address client, regulator, auditor and other external party queries ensuring a consistent approach
- Setting the (internal) risk marketing agenda, including regular updates on key achievements, strategic plans, headwinds and horizon scanning to global partners
- Partnering with first line of defence (1LoD) colleagues on driving the controls identification, design and testing framework
- A demonstrable experience in IT Risk Management and associated ERM disciplines
- Experience in dealing with the regulators, specifically the CSSF and up to date knowledge with regulations relating to Information Technology, Security and Data
- Experience with industry frameworks such as COBIT, ISO27001, NIST and other including a solid understanding of the 3 lines of defence model.
- Risk assessment alignment. Primarily the delivery of the RCSA programme across the organisation globally, working with the first line of defence (1LoD) in playing an increasingly active role helping to embed risk awareness and standardisation in approach to risk management across the Group
- Targeted and thematic risk management deep dives. Undertake planned second line of defence (2LoD) assessments along with incident-driven (ad-hoc) deep dives
- Issue, incident and emerging risk management. Ensure active engagement in issues as they emerge, supporting business partners in remediating issues and identification of and addressing the root-cause both for the incidents and thematically across the organisation as required
- Auditor engagement (internal and external). Work actively with internal and external audit
- Results orientated. A self-starter with a commitment to challenge the status quo and help drive the risk management agenda forward in partnership with colleagues across all lines of defence
About Intertrust Group
Intertrust Group is a global leader in providing tech-enabled corporate and fund solutions to clients operating and investing in the international business environment. We have over 4,000 employees across 30 jurisdictions in Europe, the Americas, Asia Pacific and the Middle-East. Together as a team we deliver high-quality, tailored fund, corporate, capital market and private wealth services to our clients, with a view to building long-term relationships.
What we offer you
Apply for this role
Working at Intertrust means entering a dynamic, international and growth-oriented company. We provide you with outstanding opportunities for your professional and personal development through our local and global Intertrust Academies. Our International Mobility program enables talented employees to gain working experience abroad. We offer a competitive salary and benefits, commensurate with your qualifications and experience.