Talent.com
WorldFirst
Senior Security GRC LeadWorldFirst • Technology Luxembourg, Luxembourg
Senior Security GRC Lead

Senior Security GRC Lead

WorldFirst • Technology Luxembourg, Luxembourg
Il y a plus de 30 jours
Description de poste

Description

Position at Ant Group Ant International strives to become the most trusted digital services connector to achieve sustainable growth of global commerce.With a focus on Travel, Trade, Technology, and Talent, Ant International is committed to enhancing the digital mindset and capacities of businesses worldwide. Through fostering collaborative efforts with partners, we are driving responsible innovation and increase market accessibility for global SMEs.In EMEA we do so across 3 key businesses: Alipay+, Antom and WorldFirst (Where you will partner as HRBP+ also).Team Introduction:We are seeking an experienced Senior Security GRC Lead to join our dynamic fintech team in Luxembourg. This critical role will be responsible for developing and maintaining our comprehensive information security governance, risk, and compliance framework in alignment with CSSF regulations, DORA requirements, and international standards. The successful candidate will play a pivotal role in ensuring our digital operational resilience and protecting our financial services infrastructure.This position provides dedicated security governance support with a 50/50 split between:
  • 50% supporting the EMEA regional teamwith security strategy, risk management, and security compliance initiatives
  • 50% supporting the local Luxembourg entitywith CSSF regulatory compliance, DORA implementation, and local security operations
Key responsibilities:1. Information Security Strategy & Governance
  • Develop and maintain the information security strategy, ensuring alignment with business objectives and regulatory requirements
  • Establish and oversee the information security governance framework, including policies, standards, and procedures
  • Lead the Information Security Committee and provide regular reporting to senior management
2. Regulatory Compliance Management
  • DORA Compliance: Ensure full compliance with the Digital Operational Resilience Act (DORA) requirements, including ICT risk management, incident reporting, digital operational resilience testing, and third-party risk management
  • CSSF Regulations: Maintain compliance with CSSF Circular 25/880 and other relevant Luxembourg financial regulations
  • Industry Standards: Ensure adherence to PSD2-SCA, PCI-DSS, SWIFT CSP, ISO27001, and other applicable financial industry standards
  • EBA (European Banking Authority)guidelines and technical standards
3. Risk Management Framework
  • Identify, assess, and prioritize security risks across the organization
  • Develop and implement comprehensive risk mitigation strategies and action plans
  • Conduct regular ICT risk assessments and oversee the annual Long Form Report preparation
  • Implement and maintain a robust third-party vendor security risk management program
4. Digital Operational Resilience
  • Design and implement the DORA-compliant ICT risk management framework
  • Plan and execute digital operational resilience testing programs, including threat-led penetration testing
  • Establish and maintain incident response capabilities aligned with DORA incident reporting requirements
  • Implement continuous security monitoring and threat detection capabilities
5. Security Architecture & Technology
  • Good understanding of Technology and Security architectural designs
  • Good understanding of SIEM, DLP, Endpoint Security
6. Security Awareness & Culture
  • Oversee and deliver Security awareness and training programs
  • Foster a security-conscious culture throughout the organization
  • Provide security guidance and support to business units and technical teams
7. Audit & Regulatory Engagement
  • Act as the primary contact point for IT security audits, inspections, and regulatory examinations
  • Coordinate responses to regulatory inquiries and implement corrective actions
  • Maintain relationships with CSSF and other regulatory authorities
Job requirements and expectations:
  • Experience: 5+ years in information security management roles as Security GRC Lead, or equivalent position in the financial services industry
  • Technical Background: Strong technical foundation in cloud security, IT infrastructure, and application security
  • Regulatory Expertise:
  • DORA (Digital Operational Resilience Act) and its implementation requirements
  • CSSF regulations, including Circular 25/880 on ICT security and risk management
  • PSD2-SCA, PCI-DSS, SWIFT CSP, and other financial industry standards
  • ISO27001 and NIST cybersecurity frameworks
Technical Skills
  • Cloud Security: Good background of Cloud Security controls and best practices
  • Security Technologies: Good Knowledge of SIEM, EDR, vulnerability management, and identity management solutions
  • Architecture: Understanding Security architectures
  • Emerging Technologies: Knowledge of AI security.
Professional Competencies
  • Leadership: Proven ability to lead security initiatives and influence stakeholders at all levels
  • Communication: Excellent presentation and communication skills, with experience presenting to Risk Management Committees, Board of Directors, and regulatory bodies
  • Problem-Solving: Strong analytical and decision-making abilities in complex regulatory environments
  • Project Management: Experience managing security projects and compliance initiatives
Créer une alerte emploi pour cette recherche

Senior Security GRC Lead • Technology Luxembourg, Luxembourg

Offres similaires

Senior Manager - M&A Advisory

eFinancialCareersLuxembourg, Luxembourg

The Senior Manager - M&A Advisory plays a key role in leading transaction execution and influencing client outcomes.Working closely with senior leadership, including Partners and Directors, this in... Voir plus

 • Offre sponsorisée

NSI - Experienced Cyber - Security Officer

NSIluxembourg, Luxembourg

As part of our growth, we are currently looking for an.Experienced Cyber-Security Officer.Your main responsibilities as a Consultant.Ensure security compliance for all assets hosted in our Luxembou... Voir plus

 • Offre sponsorisée

Hays - Senior Compliance Sales - Reg Tech

Haysluxembourg, Luxembourg

We are looking for an extremely motivated Sales and/or Compliance professional to grow our business in Luxembourg.This role is focused on developing the business of a Regtech company providing solu... Voir plus

 • Offre sponsorisée

Authorised Manager - Risk & Information Security

Le Grand & AssociatesLuxembourg, Luxembourg, LU

Position: Authorised Manager - Risk & Information Security Location: Luxembourg.Regulated cryptocurrency exchange, licensed by the Luxembourg Ministry of Finance and regulated by the CSSF.The first... Voir plus

Luxembourg Institute of Science and Technology (LIST) - Senior Information Security & GRC Expert

Luxembourg Institute of Science and Technology (LIST)luxembourg, Luxembourg

Are you passionate about research? So are we! Come and join us.The Luxembourg Institute of Science and Technology (LIST) is a Research and Technology Organization (RTO) active in the fields of mate... Voir plus

 • Offre sponsorisée

Compliance Associate

Lombard OdierLuxembourg

An innovative bank of choice for private and institutional clients, our independently owned Firm is one of the best-capitalised banking groups in the world, managing close to CHF 300 billion and op... Voir plus

 • Offre sponsorisée

Cat-Amania - Consultant Crédit Risk & Risk Management (RWA / IFRS9 / Crr3)

Cat-Amanialuxembourg, Luxembourg

Le consultant interviendra en régie sur des activités de contrôle de second niveau et de production de reporting liées aux risques de crédit, aux RWA et aux exigences réglementaires (Crr3 / Icaap).... Voir plus

 • Offre sponsorisée

Cronos Luxembourg - IT Security Process Specialist

Cronos Luxembourgluxembourg, Luxembourg

The IT Security Process Specialist is responsible for designing, implementing, and maintaining security processes that ensure the protection of the company's information systems.This role focuses o... Voir plus

 • Offre sponsorisée

FA-26021 SENIOR INFORMATION SECURITY & GRC EXPERT

Luxembourg Institute of Science and Technology (LIST)Esch-sur-Alzette, Esch-sur-Alzette, LU

Are you passionate about research? So are we! Come and join us.The Luxembourg Institute of Science and Technology (LIST) is a Research and Technology Organization (RTO) active in the fields of mate... Voir plus

Dionys - Security Officer Senior - EndPoint Security & Hardening

Dionysluxembourg, Luxembourg

Vos principales responsabilités.Définir et mettre en œuvre les politiques de sécurité des endpoints (postes de travail et serveurs).Piloter les activités de hardening des systèmes (Windows / Linux)... Voir plus

 • Offre sponsorisée

Senior Compliance Consultant

eFinancialCareersLuxembourg, Luxembourg

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.Northern Trust is proud to provide innovative f... Voir plus

 • Offre sponsorisée

Senior Financial Risk Consultant

eFinancialCareersLuxembourg, Luxembourg

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.Northern Trust is proud to provide innovative f... Voir plus

 • Offre sponsorisée

Senior Advisor - Banking Risk Consulting (m/f)

skeeledLuxembourg, LU

BDO Luxembourg is looking for a Senior Advisor specialised in Banking Risk Consulting !.BDO is present in over 169 countries and we offer an extensive range of services in the areas of Audit, Tax, ... Voir plus

 • Offre sponsorisée

Corporate Manager - Securitization structures

Austin BrightLuxemburg (Canton), Luxembourg, LU

Our client is currently seeking a.This rapidly expanding international service provider is established in several countries and plans to double its workforce in the coming years-a true testament to... Voir plus

NSI - Security Engineer - FR / an

NSIluxembourg, Luxembourg

Dans le cadre du renforcement des équipes CyberSécurité d'un de nos clients, nous recherchons un(e).Vos principales responsabilités en tant que consultant(e).Renforcement et sécurisation des infras... Voir plus

 • Offre sponsorisée

Senior Risk Analyst

Axis LuxembourgLuxembourg, Luxembourg, LU

Contribute to the development and implementation of the risk management strategy and annual risk plan aligned with business objectives.Maintain and embed an effective risk management framework cove... Voir plus

Ingénieur Sécurité IAM L1

eFinancialCareersLuxembourg, Luxembourg

Ingénieur Sécurité IAM L1 avec au moins 5 ans d'expérience.Dans ce cas, voilà une opportunité pour vous ! L'opportunité de rejoindre une entreprise dynamique et multiculturelle comme Synechron.Cabi... Voir plus

 • Offre sponsorisée

Advisory Key - System & Security Engineer

Advisory Keyluxembourg, Luxembourg

Nous recherchons un Consultant Systèmes & Sécurité expérimenté pour rejoindre une équipe IT stratégique.Vous serez le référent technique sur les plateformes systèmes et de sécurité, garantissant le... Voir plus

 • Offre sponsorisée

Keyteo - IT Security Officer

Keyteoluxembourg, Luxembourg

The IT Security Officer supports the organisation's cybersecurity posture by enforcing security controls, performing security assessments, reviewing architectures, tracking vulnerabilities, and ens... Voir plus

 • Offre sponsorisée

Hays - IAM Consultant

Haysluxembourg, Luxembourg

Nous sommes à la recherche d'un Gestionnaire en sécurité IT pour l'équipe IAM d'une banque à Luxembourg.Solides connaissances IAM nécessaire.Contrat freelance ou CDI via portage salarial.Temps plei... Voir plus