Mission
Job Description:
The leading bank in the European Union and a leading international player, is seeking to complement and reinforce its existing teams in the areas of IT risk management, cybersecurity, and the fight against digital fraud.
Within IT Group, Informatics Directorate of the bank, the Cybersecurity & Digital Fraud Department's mission aims to structure, strengthen, and harmonize IT risk management and cybersecurity for the overall Group (approximately 30 entities) and:
- Defining the vision and strategy for IT risk management and cybersecurity, and ensuring the implementation of this strategy within the Group’s operating entities,
- Monitoring the security of the Group's information systems,
- Steering the IT Continuity and Resilience strategy and methodological framework.
The evolving Cyberthreats landscape increases the security risk of financial sector that leads the bank to strengthen its Cybersecurity maturity, IT risk management and Operation Resilience.
Within IT Group Cybersecurity & Digital Fraud department, candidate will be part of the Cybersecurity & Digital Fraud delivery teams in Portugal. As an extend team of the French central team, your mission is to contribute to the Enterprise Security activities.
The missions are as follows:
- Define security requirements and strategy for Data security and Cryptography for the Group
- Support subsidiaries in considering data security and cryptography measures
- Analyze and evaluate security risks, their impacts and propose complementary measures
- Participate in technical POCs on data security and cryptography solutions (including emerging technologies – innovation)
- Carry out a technological watch and contribute to the development of the security community within the bank
- Be responsible and present complex security topics related to data security and cryptography to both IT teams and non-IT teams (e.g., Legal team)
Main Tasks:
- Assessment of robustness of designs and data protection mechanisms and keys
- Defining guidelines for the usage of Blockchain within the Bank
- Collaboration in group's cryptographic and data security expert’s stream
- Project orientation towards the best techniques for data security depending on the case (cryptography, anonymization techniques, masking)
- Production of POC on data security technologies (full homomorphic encryption, ...)
- Performing risk analysis, proposing countermeasures
- Definition of security requirements for cryptography & data security (Group scope)
- Proposals for approaches to inventory of cryptographic assets in the group, and crypto agility
- Capacity to do presentation to different teams/stakeholders
- Capability to explain security topics from both a technical perspective and a business standpoint
Technical Skills:
- IT Risk and Cyber Security
- Risk Knowledge & Awareness
- Cyber security Knowledge
- Risk assessment: Raising awareness of ISO 27001/27005/Ebios RM or any other risk management framework
Language Skills:
- English (mandatory) - Mastery
Soft Skills:
- Ability to synthetize/Simplify
- Active Listening
- Ability to share/pass on knowledge
- Communication Skills - Oral & Written
- Ability to inspire others and generate commitment
- Ability to establish and activate networks
- Ability to lead a meeting, seminar, committee, seminar
Profile
Organization
Country
Portugal
Location
Lisbon
Contract type
Fixed-term contract
