Risk Advisor for Cyber / Technology Risk

Euroclear SA/NV Krakow • Belgium • 1w ago

Description
Division: Risk Management

Risk Management division forms part of Euroclear’s second line of defense and its mission is to support Euroclear in achieving its goals and delivering its strategy through providing robust, independent oversight of risk-taking activities across the Group.

We are a team of about 100 risk professionals, based across different locations, including Brussels, London, Paris, Amsterdam and Krakow. Our activities cover the entire Euroclear group.

Following a recent re-organization and continued expansion into new markets and services, a decision has been taken to improve Risk Management’s capability through recruitment of a number of risk professionals with specific subject matter expertise.

Role and responsibilities:

The IT and Cyber Risk Management team monitors and assesses the risk management performed by the first line and reports its independent view of the current and emerging risks, both in the Group and all entities. As a processor of high volume and value transactions, we must ensure our information technology including information security environment is adequately governed and supervised, according our risk appetite.

The IT and Cyber Risk Management team is currently looking for a new team member helping us to ensure:

IT / Security risk is and remains aligned with business strategy, objectives and needs.
IT / Security risks are managed and aligned to the risk appetite to safeguard the confidentiality, integrity and availability of Euroclear IT assets, data and systems.
IT aligns with all legal and regulatory requirements.

You will be responsible for:

Facilitating the efficiency of the Euroclear Risk Management framework in the IT divisions while providing risk education and training at all levels in line with this framework
Performing risk assessments and reporting conclusions to relevant audience (Euroclear committees & Management as well as regulators)
Supervising and analysing, largely independently, the risks within these domains, while combining in depth understanding
Keeping informed of business drivers and changes, while analysing, supporting and advising on information technology products and services developments, within a day-to-day and long-term time horizon
Assessing the efficiency of the first line Technology Framework in a matrix environment

Required qualifications:

Have a consistent record of at least 5 years in Information Security / Technology or risk management experience.
Have a broad understanding of all security domains, complemented by in-depth expertise in selected areas.
Have a knowledge of risk management concepts applied in Security and IT.
Be comfortable in presenting complex technical concepts in simple language for non-technical audiences.
Have an ability to see the bigger picture and connect the dots.
Have an ability to influence, constructively challenge and discuss at different levels.
Be self-confident and motivated, able to work independently and as a team member in a matrix structure.
Have strong analytical skills and critical thinker with ability to step back.
Be able to work against tight expectations.
Possess excellent written and verbal communication skills in English, including an ability to communicate difficult matters in simple terms to a non-technical audience.
Be eager to learn and develop knowledge outside of the area of expertise.
Good knowledge of information technology and information security standards (e.g. COBIT, ISO27x, PCI DSS, NIST CSF).
Having security certifications would be an asset (CISSP, CISM, CISA, ISO27001 LA/LI, SANS trainings, etc.)
Experience in ERM framework, Outsourcing and GRC tool is valuable.

Soft skills:

Detail oriented who can identify inconsistencies
Active listening to fulfil client requirements
Strong and open communication both written and verbal to maintain positive and professional relationships
Going extra mile to provide high service towards your partners
Good interpersonal awareness and sensitivity
Persuasion and influencing skills
Good sense of responsibility
Ability to deliver immediate actionable information combined with groundbreaking long-term thinking
Orientation on progress, self-improving by your own research, training and development

We are looking for a candidate who will strengthen our current Information Security / Technology Risk team by bringing experience on a number of above mentioned topics, proactively seeing opportunities for improvement in risk management processes, models and systems and participate to their implementation.

Our part of the deal

Continuous professional development:
a comprehensive and transversal view on Euroclear and its business;
training opportunity and as relevant to support to acquire external qualifications and professional certifications in the risk management field
regular contact with senior management;
opportunity to connect to people across the entire organisation
multi-cultural environment
Focus on individual coaching by your people manager
A flexible & dynamic work environment