Information Security Specialist - GRC & IAM
Euronext
Porto
há 19 horas

Job Description Summary

The Information Security Specialist - GRC & IAM is part of the Information Technology job family providing end-to-end technology across Euronext business.

Information Technology has a core responsibility for developing, supporting and protecting the key trading applications, and protecting Euronext systems from cyber-attacks and data theft.

Role Summary

The Information Security Specialist - GRC & IAM has key operational and development skills to ensure the successful implementation and maintenance of Information Security tools, processes and people.

Operating within the Information Security Governance Risk and Compliance (GRC) division, the selected candidate will be engaged in all areas of the business at Euronext.

Further, the boundaries of the role extend beyond Euronext’ perimeters where third parties exist and need to be engaged or responded to.

The function is heavily involved in the day to day running of the Information Security practice and wider programme across the organization.

Will be engaged to handle IT audits and risk assessments, third party reviews, compliance checking, and matters of both regulatory and legislative impact including matters relating to, but not limited to, data privacy, cyber legislation, and corporate security best practices.

Key accountabilities

  • Assisting with risk assessments and the risk management process by executing appropriate measures to manage and mitigate risks thus reducing the potential impact on information resources / assets.
  • Assisting with audit and review type activities whether orchestrated or initiated internally or externally by a third party.
  • Assisting with compliance matters or conflicts of interest relating to communicated security; Policy, Standards, Procedures, and Guidelines.
  • Identity and access management activities
  • The handling of exceptions to policy, standards, procedures, etc.
  • Assisting with the In-Take phase of all new projects and initiatives.
  • Assisting in the drafting and preparation of departmental security document sets.
  • Keeping track of policy and standards exceptions and the risks aligned to them.
  • Keep abreast of new risks and trends in the threat landscape that may need to be addressed within information security policies, procedures and standards
  • Assist with the coordination and support the delivery of ongoing security awareness and training through various tools and workshops.
  • The key accountabilities only describe the main activities and is not exhaustive. It evolves depending on the expertise level and ongoing projects.
  • Your profile

    In-depth technical knowledge in one of the following field of expertise :

  • Security knowledge of Windows and Linux operating systems and supporting infrastructure elements
  • Security knowledge of Microsoft cloud technologies
  • Security knowledge of AWS cloud technologies
  • Security knowledge of IAM technologies
  • Experience in managing and delivering projects
  • Experience in process improvement, re-engineering and root-cause analysis / resolution
  • Flexibility and ability to work in environments with changing priorities
  • 5-10 years’ experience in an Information Security GRC / IAM role :

  • Established background in Information Security Risk
  • Established background in IT / Information Security Audit
  • Established background in Microsoft IAM / cloud technologies
  • Strong stakeholder management skills
  • The ability to interface across the organization with other teams and managers of all levels.
  • Analytical judgment and decision making skills
  • Strong background and knowledge of working with and implementing international security standards and frameworks, such as;
  • ISO27001, ISO27002, ISO27005.

  • Project management skills
  • Ability to assist with security education and awareness training sessions
  • Excellent written and verbal communications skills.
  • Excellent organisational skills.
  • Must work be able to work well under pressure and prioritise workload appropriately
  • Must be able to work well alone or as part of a team
  • Ability to adjust to changing priorities while multitasking effectively.
  • Ability to articulate complex security and privacy concepts to business users.
  • Ability to communicate with clients in a professional manner.
  • Working / technical knowledge of IT infrastructure and security specific controls.
  • Experience within the financial sector will be a benefit.
  • Security industry certifications, such as; CISSP, CISA, CRISC, CGEIT will be a benefit
  • Unity

  • We respect and value the people we work with
  • We are unified through a common purpose
  • We embrace diversity and strive for inclusion
  • Integrity

  • We value transparency, communicate honestly and share information openly
  • We act with integrity in everything we do
  • We don’t hide our mistakes, and we learn from them
  • Agility

  • We act with a sense of urgency and decisiveness
  • We are adaptable, responsive and embrace change
  • We take smart risks
  • Energy

  • We are positively driven to make a difference and challenge the status quo
  • We focus on and encourage personal leadership
  • We motivate each other with our ambition
  • Accountability

  • We deliver maximum value to our customers and stakeholders
  • We take ownership and are accountable for the outcome
  • We reward and celebrate performance
  • We are proud to be an equal opportunity employer. We do not discriminate against individuals on the basis of race, gender, age, citizenship, religion, sexual orientation, gender identity or expression, disability, or any other legally protected factor.

    We value the unique talents of all our people, who come from diverse backgrounds with different personal experiences and points of view and we are committed to providing an environment of mutual respect.

    Additional Information

    This job description is only describing the main activities within a certain role and is not exhaustive. It does not prevent to add more tasks, projects.

    Inscreva-se
    Adicionar aos favoritos
    Remover dos favoritos
    Inscreva-se
    Meu e-mail
    Ao clicar em "Continue", autorizo a neuvoo a processar os meus dados e a enviar-me alertas de e-mail, conforme detalhado na Política de Privacidade da neuvoo . Posso retirar o meu consentimento ou cancelar a subscrição a qualquer momento.
    Continue
    Formulário de candidatura