Would you like to be responsible for the initiation, development, and execution of an insider threat program? Are you experienced in leading these programs on a global level? Then you have come to the right place! This is a temporary position for the duration of 6 months.
The Global CISO organisation of the organization is responsible to assist management, business and other tribes in providing customer friendly services in a safe and secure way. Business leaders and CISO are jointly responsible for bank-wide security. CISO is mandated to drive required change in all domains, business and IT.
The CISO Business Support Functions (BSF) is responsible for information security across the BSF domain. This includes Risk, Finance, HR, Procurement, Legal, and a number of other bank functions.
Within the CISO BSF team, the Insider Threat Lead is a newly established role that will be mainly focused on defining and rolling out practices to mitigate insider threat risk.
What are you going to do?
- Define and implement an approach to Insider threat within the Business Support Functions (BSF). The implementation includes processes, controls, reporting, governance and technology
- Main initial focus will be on Fraud risk management and Data Leakage Prevention (DLP)
- Content expert on insider threat mitigation, with expectation to keep up to date on best in class industry practices and to collaborate with peer companies
- Act as Anti-Fraud Officer (AFO) for BSF, which entails providing oversight to the local AFOs and partner with 2nd Line of defenses in challenging anti-fraud plans and their effectiveness
- Coordinate period fraud risk assessments and lead the anti-fraud plans execution. This would include definition and monitoring of key fraud risk indicators, execution of fraud mitigation plans, implementation and operations of technology and controls to mitigate fraud, supporting fraud investigations, identification of fraud trends and structural gaps to be improved upon
- Support the rollout of DLP solutions and support the ongoing governance. This includes working with BSF data owners in defining local policies, advise and follow up on DLP incidents, identification and remediation of structural gaps, define continuous improvement opportunities together with the central DLP team, contribute to the vision for DLP at our client across all possible data exfiltration vectors
- Act as training & awareness lead across BSFs and Group Services (GS) (the IT team supporting BSF), designing or customizing programs to mitigate insider threat and increase security awareness. Liaise with central CISO training and awareness program lead and as part of the overall community of practice
- Partner with BSF/GS in running and structuring the Security Guild and formalizing the Security Engineering curricula and competencies
What will you bring?
- 10+ years of professional experience in IT or information security
- BS/MS degree in computer science or related field
- Proven subject matter expert with implementation experience in the area of insider threat management, with particular focus on internal fraud and data leakage prevention
- Prior experience working in forensics investigation
- Experience in security training & awareness best practices across both business users and engineers
- Broad information security experience, corroborated by relevant certifications (e.g. CISSP, CISM, GSE)
- Experience working across lines of defense, ideally in financial services industry
- Applied knowledge of various information security frameworks (e.g. ISO27001, NIST, CIS)
- Experience with executing risk assessments
- Excellent command of the English language
- Outstanding oral and written communication skills
- Skilled in working with MS Office, especially PowerPoint (reporting) and Excel (data analysis)
- Strong reporting skills (including C-level reporting)
- Experience of working in complex environments
- Strong analytical skills, and ability to solve high complexity problems
- Team player and collaborative.
What will you get?
- Working in an innovative company
- Working in an open and honest business culture
- Work in an international environment.
- Competitive salary
- Good secondary benefits
- The opportunity to work flexible
- The opportunity to further expand your knowledge, through trainings etc.
Do you want more information about this position? Please contact me through contact details below.