Cybersecurity, IT Compliance, Information Security
Adopt Information Security Policies issued by UCB AG central information security organization. Agree adoption with Head of Information Security according to processes of the central security organization. Amend the policy in line with local laws and local financial supervision to assure compliance with local regulatory requirements.
Instruct the local IT Service provider(s) (internal/external) to follow Information Security Policies.
Maintain local Information Security Policies
as part of change management of the defined fundamentals
on the basis of the results of Information Security reviews and the analysis of current Information Security incidents
Responsible for the monitoring of the implementation of Information Security requirements based on Metrics, KPI and other reports provided by the responsible functions
Participate in information security risk assessment
Perform Head Office controls for relevant Information Security reports to Top Management and Group Security governance function
Review Security Concepts and Data Protection Requirement analyses for global applications
Information Security Monitoring
Review and approve Information Security technology on behalf of central security organization according to central security planning.
Consultation and availability as local point of contact for Information Security
Information Security Incident Management and Reporting
Supervising/monitoring Information Security incidents as well as determining and agreeing of necessary measures with local IT service provider(s)
Define local processes, where necessary, for reporting ad-hoc critical IT Security Incidents to Head of Information Security and local branch management. Agree processes with Head of Information Security.
Collect data and prepare monthly Information Security reporting distributed to Head of Information Security and local branch management.
Maintain and protect all systems and application master passwords
Manage and reset user passwords in all applications and systems
Provide direct information security training to all employees, contractors, and other third parties
Initiate, facilitate, and promote activities to foster information security awareness within the organization
Ensure that all security information processes serve to provide appropriate access to protect the confidentiality, integrity, and availability of customer, employee and the business in compliance with the organization’s policies and standards.
Liaison to the Information Technology Department for all information security issues throughout the organization
Management and administration of security authentication devices to employees and third parties
Day-to-day support of information security related issues
Provide information security solutions for the organization
Keep abreast of cyber security related risks and advancement in information security technologies
at least 3 years’ experience in information security
Information Security Certification (e.g. CISSP or CISM) mandatory
Managerial skills expected
Good knowledge of information security principles
Familiar with cyber security market practices and legislative banking requirements
Strong communication skills, both written and oral
Solid skills using Microsoft Office Suite products
Flexible and an ability to learn quickly in an ever changing cyber security environment
Organized, responsive and highly thorough problem solver
Languages: German or Italian a plus
Systems: Working knowledge of Windows Active Directory, iSeries and UNIX operating systems
About UniCredit Bank, New York
At UniCredit, we believe in Banking that matters. Together with all our employees across the world, we are committed to do what matters for our customers, communities and colleagues.
#dowhatmatters is the essence of who we are and who we want to be. It is the promise UniCredit makes to current and future employees, and the way in which we take care of our community.
Through #dowhatmatters you can discover what working at UniCredit means.