Information Security Officer

Job Title： ISO Information Security Officer on a part-time basis

職稱：技術支援專員

Location： First Commercial Bank Ltd., Frankfurt Branch, Germany-Frankfurt am Main

地點: 第一商業銀行法蘭克福分行，德國法蘭克福

Description：

As a leading bank from Taiwan in international banking, First Commercial Bank, Ltd. has a presence in more than 11 countries with more than 30 overseas branches across the world. To expand our global banking services, our Frankfurt Branch in Germany has started its operation last year. To build up a firm operation and develop a prosperous business we are looking for a qualified ISO Information Security Officer to join our team.

Task：

• To apply a deep understanding of industry standards relating to current data/cyber security products and data/cyber security management;
• To help represent the Bank on project boards that have a strong security posture to ensure that appropriate actions are taken to ensure continued compliance with corporate data security standards as well as prepare written reports as needed;
• Responsible for Incident Response Plan and annual testing of plan;
• To document, implement and review data and cybersecurity policies and risk assessments that affect all business units within the Bank and support the IT Risk Management process;
• Ensure that data and cyber security policies are implemented, enforced, and monitored and to ensure the Bank embraces a culture of confidentiality;
• To provide leadership as well as ensuring the technical and administrative support for the development and maintenance of Business Continuity and Business Impact Analysis programs for the Bank;
• Contribute to formulation of the Group IS Strategy, ensuring its implementation is in line with regional legal. Regulatory and risk requirements and monitor that implementation for Americas;
• Represent the CISO organization at all appropriate regional control and governance forums as well are regional regulatory and legal entity organizations;
• Oversee the development and maintenance of local ISO policies;
• To use and assist others in the use of information technology systems to carry out duties in the most secure manner.

Skills：

• Understanding of MaRisk and BAIT rules;
• Understanding of information security control and governance frameworks;
• Experience with senior level presentations to regulators, legal entity boards, and other senior management;
• Familiarity with Technology and background in leveraging technical solutions and automation in the Bank;
• Strong knowledge of regulatory bodies, and the regulations and guidance issued by these bodies, overseeing banks, and financial services organizations;
• Strong knowledge of privacy laws, such as GDPR;
• Must possess strong project management and leadership aptitude; demonstrate professionalism in managing multiple projects and resources effectively;
• Should have experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation.
• Profile Requirement：
• Minimum 2+ years of progressive experience in Information Technology/Cyber Security and banking industry;
• Must be an intelligent and persuasive leader who can serve as an effective member of the senior management team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff. Acting as a bridge between IT and business process owners;
• Certification such as CISA, ISO 27001;
• Bachelor’s Degree in computer science, accounting or related;
• A team player with strong communication skills;
• Fluency in German and English;
• Hold long-term German working permit.

Others：

• The regular working time is 24 hours (three full working days) per month.

Does this position sound interesting for you? And if you are a team player and culture fit then join us! Please apply with your CV (in English or German), a cover letter and all educational and work certificates, as well as your salary expectation and possible starting date) quoting job position you are applying for to i922hr@firstbank.com.tw before the deadline (Feb. 29th, 2024). Promising candidates will be informed for further interviews.