Information Security Officer

Purpose of the Job

Quintet Private Bank is a leading private bank in the wealth management sector; we are committed to our clients and their families, and pride ourselves on our personalised service based on a deep understanding of what clients want to achieve. We are a bank headquartered in Luxembourg, with branches in Denmark, Germany, Netherlands and Belgium and a subsidiary in the UK and supervised by the ECB with an ambition to stay true to our purpose to be the most trusted fiduciary of family wealth.

When you join Quintet you are joining a company that values diversity of background, equal access to opportunities, career development, collaboration and inclusiveness. We want our employees to feel proud of being part of a company that is committed to do the right thing. You will have the opportunity to grow your career while developing personally and professionally through various resources and programmes. 

The successful candidate will work as part of the Digital & Operational Resilience Risk function and can be located in any of Quintet location. She/he will be responsible for thoroughly checking and challenging the controls implemented by our IT team, with a particular emphasis on ensuring the security and compliance of our cloud environment.

The Information Security Officer supports the Digital Operational Resilience Strategy of the Group by handling one or several strategic objectives. He/she delivers key Cybersecurity and Information Security controls, as well as ICT Risks related controls if needed. She/he advises the entire organization on how, when, why and where to enhance the Cybersecurity posture of the Group.
She/he is in charge of 2nd Line of Defense type of controls, check & challenge, leveraging the Quintet Group ICT Risk Framework as approved by the BoD.
She/he supports the Group CISO and the head of ICT Risks mainly on the Strategic Objective related to Cyber Security Risk.
 

Key Accountabilities

• Support the Chief Information Security Officer in establishing and enforcing security measures to protect the organization's infrastructure, cloud, applications, networks, and data.
• Oversight implementation and effectiveness of security measures protecting Cloud environment of the bank  against cyberattacks.
• Manage and follow up on the Cloud Security Assessment.
• Define and promote awareness of operational security procedures and technical security standards.
• Assess and challenge technical security controls and report metrics through security dashboards.
• Assist IT management and the CISO in defining the IT and cloud security strategy.
• Provide guidance and support on ICT risk management to the 1st line of defense.
• Advise internally on key pillars of the ICT Risks & Information/Cyber Security Strategy.
• Advise internally on strategic objectives of the Digital & Operational Resilience Strategy.
• Direct point of contact for local senior management on ICT risks and cybersecurity matters.

Knowledge and Experience

• IT background.
•  Knowledge of cybersecurity hygiene and IT risk management methodologies.
• Third-party risk management. 
• Experience in cloud security, including designing and implementing secure cloud architectures, managing cloud security controls, and ensuring compliance in cloud environments.    

Attributes and Qualities

• Advisor profile.
• Ability to take a step back.
• Ability to communicate straightforwardly.
• Ability to say no while providing value.
• Negotiation skills.

Technical Skills

• Cloud security skills, particularly in the Microsoft ecosystem: Security Architecture, Security Controls Cloud, Compliance and Governance, Security Best Practices, Threat Detection and Incident Response
• Infrastructure and application security.
• IT risk or cybersecurity certifications are a plus (CISSP, etc.).

Languages Skills

• Fluent in French and English.
• German, and Dutch are additional advantages.