About IC Markets
IC Markets is a global leader in the forex and commodities CFD trading space, with over 200,000 active clients who are performing more than half a million trades each day.
Our mission is to create the best trading experience for both retail and institutional clients, allowing them to focus more on their trading. We are dedicated to offering superior spreads, execution and service across a wide selection of trading tools.
Senior Information Security Officer
As an Information Security Officer you will act as a key participant in monitoring, evaluating, and measuring the impact of business security decisions. You will also be responsible for developing and maintaining our security policies, procedures, and controls. You will conduct security audits and risk assessments, and investigate any security incidents that occur. You will also collaborate with relevant business groups to identify current and emerging risks associated with business activities and operations and provide guidance in developing and implementing risk-mitigating strategies.
Duties
- Identify information security vulnerabilities and threats in the company IT network and infrastructure using various techniques e.g., penetration testing and vulnerability assessment.
- Collate information from the conducted assessments and recommend appropriate remedial steps.
- Develop, review, improve, and update information security policies, procedures, guidelines, and other related documents.
- Provide support to build the organization-wide information security awareness and training programs. Contribute and provide content for awareness activities.
- Monitor, evaluate and ensure the segregation of duties on all systems to mitigate the risk of unintentional and/or deliberate system misuse.
- Ensure compliance with the applicable internal and international information security standards (e.g. ISO27001).
- Monitor changes or updates in any applicable law, regulation or accreditation standards pertaining to Information Security, and ensure compliance as required.
- Ensure appropriate administrative and technical safeguards are in place to protect information assets from internal and external threats.
- Prepare security baselines and safeguard applications, operating systems, and infrastructure devices by adopting the latest standards.
- Resolve information security issues and improve the Information Security performance by providing technical consultation in system development, acquisition, procurement, implementation, change management, operation/support and architectural and other ad-hoc projects.
- Assist all organizational units in areas related to Information Security and follow the related processes to provide support.
- Work with the concerned parties on the Information Security incidents and vulnerability management processes from design to implementation and beyond.
- Review technical information in the requirements statements, feasibility analysis, operating procedure manuals, and other documents produced in the process of system development.
- Monitor and assess IT systems security, system audit trails/logs and the validity of system configurations whenever required.
- Assist in vulnerability mitigation, e.g. through software/system patching through the IT department.
- Assist in performing on-going security monitoring of information systems including assessing information security risk, conducting functional and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements.
- Evaluate and recommend new information security technologies and countermeasures against threats to information or privacy and develop security reports and dashboards.
- Ensure identification, recording, reporting, and resolving any Information Security violations.
- Support and assist the other activities linked with Enterprise Risk and Business Continuity Management such as Risk Assessments and Business Impact Analysis.
- Support the development of the organization’s disaster recovery and business continuity plans for information security, and test readiness.
- Carry out any other duties as directed by the immediate supervisor.
Qualifications, Experience and Job Skills
Qualifications:
- Bachelor’s degree in computer science or any other equivalent field.
- Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) and Certified ISO27001 Lead implementer are preferred.
- Ability to educate a non-technical audience about technical matters
- Excellent problem-solving and analytical skills
- Excellent organizational skills and attention to detail
- Solid knowledge of information security standards and local regulatory requirements. Knowledge of the European Banking Authority’s requirements related to ICT and security risks would be considered an advantage
- Passion for learning, embracing challenges and innovation
- Ability to work well under pressure and in a fast-paced environment
- Excellent command of the English and Greek Languages, both verbal and written
Experience:
- At least four years of experience in a similar Information Security role, preferably in a financial institution
- IT background is preferred.