Security & Privacy Risk Officer (all humans)

Make a difference in the financial life of millions of people: At Erste Digital you are co-creating the digital future, in which better financial health is possible. #believeinyourself

We are part of Erste Group – the largest banking group in Central and Eastern Europe with more than 2,500 branches and over 45,000 employees. Our more than 2,000 IT experts and enthusiasts are the bank's Digital Muscle.

The Security & Data Privacy Risk Management team facilitates the implementation of information and cyber security, as well as data privacy processes within Erste Digital and in close cooperation with our partners in Erste Group.

We enhance resilience by risk-based prioritization of security, data privacy, and IT maturity across the organization.

This function is the link between information security, data privacy, IT, and business representatives and is involved into the whole process of definition, maintenance, tracking of security regulations, risk management, definition of mitigating measures, and especially raising the awareness for these topics of all stakeholders.

What to do:

• Become the missing link and help prioritize identified information & cyber security or data privacy risks in the language of business representatives

• Establish and conduct qualitative risk assessments in various domains in the IT area (e.g. security, data privacy, third party, ...)

• Facilitate the process to propose practical and cost-effective Information & technology risk treatment options in alignment with subject matter experts where needed

• Prepare, create and implement business impact analysis for critical business processes and solutions based on the already established methodology

• Conduct privacy impact assessments for high impact processing activities based on existing methodology

• Provide aggregated risk oversight for various high impact areas of IT services

You check these boxes:

• Polyglot for techies and business - ability to communicate and translate IT risk-related concepts into clear business impacts, enabling informed decision-making and strategic alignment across the organization

• Experience in IT risk management or information & cyber security or data privacy and equivalent interest to become more fluent in the other areas

• Bachelor’s degree in IT or related field (or equivalent practical experience); certification in IT Risk, InfoSec, or Data Privacy (e.g., CRISC, CISM, CIPM, CIPP/E) is a plus

• Self-confidence with high self-motivation as well as a customer-oriented, flexible and independent way of working

• Competence to understand business environment, processes and organizational setup as well as IT infrastructure quickly to align them with identify identified IT risks

• Strong understanding of security and privacy principles, with the ability to apply them in risk assessments and compliance initiatives

• Ability to grasp the risk landscape of a business area and communicate key security and privacy priorities

• Awareness of relevant regulatory standards in the financial sector (e.g. DORA, GDPR, EBA guidelines) is beneficial
  

Why you will like us:

• An autonomous position in a cooperative and dynamic team with self responsibility you will benefit from gaining technical or risk know-how

• Support of your professional and personal development at all times. Our employees appreciate attractive career opportunities, flexible working hours, numerous social benefits and a professional working atmosphere

• Employee benefits – Benefit from special conditions for financial services and insurances, supermarkets, clothing stores and many more.

• Employee Referral Program – Become a talent scout for career opportunities in IT. We are rewarding every successful referral for Erste Digital

• A competitive and performance-related salary dependent on your professional and personal qualifications is granted - the minimum wage for this position in accordance with the respective collective agreement is EUR 53.802‬,-- gross per year. But this is just a formality, we are more than happy to discuss your actual expectations.
  

The way we are:

Erste Group considers the diversity of its employees as key to innovation and success. As employer we are proud to offer everyone equal chances, irrespective of age, skin colour, religious belief, gender, sexual orientation or origin.