CISO Senior Technical Risk Specialist # 108277
Banking today is a technology business, where digital ingenuity creates competitive advantage. At Credit Suisse, we are committed to delivering world-class technology innovation that enables our clients to reach their goals. CS's technology team is a critical commercial differentiator, creating products and services that enable the flow of financial information across the globe. We handle big challenges and create new products, using the latest technology to drive value for our business. We strive to provide applications that are robust, reliable and secure while continuously adapting to meet the evolving needs of clients both internally and externally. Our future depends on identifying and hiring the best people technologists in the financial world and bringing them together to serve our clients' needs. We offer an exemplary culture and a great working environment that nurtures collaboration and partnership; rewards excellence and encourages entrepreneurialism.
CISO team at Credit Suisse is tasked to ensure the data and IT systems of the bank are appropriately protected, while enabling technology advancements in line with business strategies. CISO Services play a key role in fulfilling this mandate by providing IT risk advisory and technology risk assessment services of projects, applications and IT infrastructure to internal clients globally, helping them understand IT risk exposure in their area.
CISO Senior Technical Risk Specialist - you will:
- Complement CISO UK as a domain expert in technology risk analysis
- Be a trusted technology risk advisor and partner providing IT Security consultancy to key clients up to MDR level
- Be involved in banks IT projects to ensure that new systems and solutions meet the banks security requirements
- Conduct technical risk assessments for IT assets, IT projects and key bank initiatives
- Identify vulnerabilities in applications and infrastructure components and translate them into business risks to Credit Suisse
- Articulate the business impact of identified IT risks to business partners and define adequate mitigation activity
Open to discussing flexible/agile working.
- She / he will have good communication skills. You will be proficient in English (spoken and written), German is a plus
- You will have a strong IT background (IT degree holder preferred) or equivalent work experience
- Ability to explain technical risks in a business context
- Your experience will include knowledge of industry standards (e.g. ISO 27001, CobiT, ITIL)
- Advanced skills and established experience in IT security and risk management (understanding risk assessment, legal and regulatory requirements, threats, vulnerabilities, security policies etc.)
- Deep understanding of Operating Systems (e.g. Windows Server, Unix) security and typical OS controls, application development, SDLC, Penetration Testing, access controls, encryption etc.
- Deep understanding of infrastructure components, including infrastructure security components (e.g. Network security, Firewalls, IDS, IPS etc.)
- Deep understanding of security architecture best practices
- Information Security Assessment and/or Audit experience
- CISSP, CISA, CISM, CompTIA Security+ or equivalent certification a plus
- Experience in financial services industry a plus
For more information visit Technology Careers .