The Client:
On behalf of our Client, a Banking Institution in Nicosia, we are seeking to recruit an Information Security Risk Management Analyst.
The Position:
The Information Security Risk Management Analyst is responsible for identifying, assessing, and mitigating risks to the organization's information assets. This role ensures the implementation of effective security measures and compliance with regulatory requirements to protect sensitive data and maintain business continuity.
Duties and Responsibilities:
Applies the methodology for identifying and assessing risks related to the security of the Bank’s information.
Evaluates the materiality of the Bank’s systems and processes considering the information they manage/process, to take informed decisions when assessing security risks and prioritize the resources for implementing the action plans.
Performs specialized security risk assessments, focused on high-risk areas or activities and defines action plans to mitigate the identified risks.
Applies the methodology for conducting Third-Party Security Risk Assessments and defines action plans to mitigate the risks identified.
Applies the methodology for conducting Cloud Security Risk Assessments and defines action plans to mitigate the risks identified.
Performs Ad-Hoc Security Risk Assessments based on suspicions or allegations of improper application of the provisions of the Information Security Framework to ensure the proper protection of the Bank’s information.
Assesses the risks arising from security incidents and defines action plans that include all necessary actions (both technical and procedural) to reduce the impact and the probability of recurrence, in both the short term and the long term.
Conducts security controls maturity assessments, analyzes the results, reflects the maturity score and defines action plans to mitigate key security risks, to ensure the Bank’s compliance with the Information Security Framework.
Performs tests to determine the effectiveness of existing security controls (technical or procedural including the use of specialized tools).
Monitors the progress of implementation of the actions specified in the risk mitigation action plans, supports their resolution to eliminate weaknesses on the Bank’s systems, evaluates their successful completion, and accepts risk closure.
Skills / Qualifications / Experience:
Bachelor of Science or Master of Science degree in Information Security or in another related field.
Professional certifications (CISSP, CISM, CRISC, CISA, or others related to Information Security) will be considered an advantage.
Familiarity with relevant laws and regulations (e.g. DORA, PSD2, ECB Directives/Guidelines, SWIFT) will be considered an advantage.
Very good communication skills (verbal and written) in both Greek and English.
Very good presentation skills in technical and business terms.
Very good rational analysis and problem-solving skills.
Ability to work under pressure.
Efficiency in time management, prioritization of tasks and working within predetermined deadlines.
Very good research skills to map international best practices.
Location:
The position is for the Client's offices in Nicosia, Cyprus.
Remuneration:
An attractive remuneration package will be offered to the successful candidate based on qualifications and experience.
Apply now in strict confidence
Only successful candidates will be contacted.