General Info

• Department : CISO
• Work time Percentage : 100%
• Location : Geneva or Zurich with regular travel to Zurich - Switzerland

Our CompanyEFG International is a global private banking group, offering private banking and asset management services. We serve clients in over 40 locations worldwide. EFG International offers a stimulating and dynamic work environment and strives to be an employer of choice.
EFG is committed to providing an equitable and inclusive working environment that is founded on the principle of mutual respect. Joining our team means experiencing a supportive environment, where your contributions are valued and recognised. We strongly believe that the diversity of our teams gives us a competitive advantage by fostering better decision-making and greater innovation.
Our Purpose and Mission
Empowering entrepreneurial minds to create value – today and for the future.
We are a private bank, offering personalised solutions on a global scale to private and institutional clients. Our sustainable success is based on our talents and on how we partner with our clients and communities to create lasting value.
Job DescriptionThe Information Security team, under the lead of the Group Chief Information Security Officer (CISO) and part of the Chief Operating Officer (COO) organization, defines, leads, and coordinates information security efforts across EFG International and its entities globally. It outlines the information security strategy, identifies, and runs security initiatives and sets standards. It leads information systems security risk assessment efforts and owns the global security awareness and training programs. It will assist with activities and initiatives protecting EFG’s infrastructure, applications, and data against threats, such as security breaches, malware, third-party related weaknesses, or attacks by cyber-criminals.
To support the business and its future growth, the Information Security team is well embedded in the operational risk management framework, to ensure EFG does operate within its risk appetite. In addition, they support the business strategic change projects by providing the required skills and know-how to warrant successful outcomes.
To be able to achieve these objectives, we are looking for a seasoned Information Security Risk Manager.
This individual will be reporting directly to the Group CISO, based in Switzerland, and must drive the global strategic initiatives to further mature and strengthen our cyber defence capabilities and overall protection of the data of EFG, its clients and third parties. In addition, the role must provide adequate assurance that these capabilities remain fit-for-purpose against the evolving threat landscape and increased sophistication of attacks, taken into the account the complex and hybrid technical environments we operate in and the new and emerging technologies and services that are being embedded.
Main responsibilities:

• Define, implement, and maintain a cyber capability framework, which defines the required capabilities, its objectives, minimum requirements, related controls and key (risk) indicators.
• Define, oversee and steer the strategic cyber and information security programs.
• Oversight and assessments of regulatory developments related to directives and requirements.
• Define, maintain, and report (KPIs / SLAs) on the inter-entity outsourced information security services.
• Manage and oversee internal and external audits on cyber and information securirty services and capabilities, including tracking mitigation till closure.
• As part of assurance services, manage and lead red team, crisis management, and table-top exercises. Furthermore, provide threat intelligence briefings and overall risk landscape reporting to senior management, as well the overall maturity of our cyber capabilities

Skills and experience

• 10+ years of Financial working experience, preferably in large international/multicultural enterprise environments.
• Certified Certified Information Systems Security Professional (CISSP)
• Proven experience in building cyber capability framework.
• Led red team exercises (based on CBEST / TIBER).
• Reporting to senior management regarding threat intelligence and overall risk landscape.
• Master’s degree in computer science, information systems or a related technical discipline, or equivalent professional experience.
• Private Banking experience preferred but not a must.
• Excellent communications skills (verbal and written), ability to produce accurate documentation.
• Ability to speak clearly with various stakeholders, senior executives as well as technical experts
• Fluent in English, proficiency in any Swiss national language is a plus.

Our Values

• Accountability : Taking ownership for tasks and challenges, as well as seeking continuous improvement
• Hands-on : Being proactive to rapidly deliver high-quality results
• Passionate : Being committed and striving for excellence
• Solution-driven : Focusing on client outcomes and treating clients fairly with a risk-aware mindset
• Partnership-oriented : Promoting collaboration and teamwork. Working together with an entrepreneurial spirit.