Chief Information Security Officer
Situated in the heart of Zug in Switzerland, which is globally recognized as the Crypto Valley and the home of multifold reputable crypto and blockchain organizations, we have established our headquarter operations. SEBA represents a new digital finance offering, which is committed to security, transparency and performance. Our talented teams build the bridge between the old and new economy and own a wealth of experience in financial markets, regulation, technology and information security.
We are bringing a new financial services paradigm to the crypto economy. In scope of our relentless focus on the highest security standards we are seeking a Chief Information Security Officer to take control of SEBA’s Information Security Management System. Whilst working as part of the Technology team reporting to the Head of Technology (CTO) you will have direct links to the Executive Committee (Exco), including CEO, CRO, COO, etc. as well as the companies risk committees at both the ExCo and Board of Director level (BoD).
In this role you will be responsible for the following:
- Take ownership and personal accountability for SEBA’s information security management system and its evolution in line with SEBA’s business strategy and global expansion
- Develop and maintain information security policies and procedures in collaboration with technology, risk, legal and compliance functions and ensure they are being adhered to
- Protect SEBA’s information, systems as well as brand and reputation from a wide range of threats
- Devise strategies and implement solutions to minimize the risk of cyber-attacks, including all potential risks relating to crypto assets
- Own the information and cyber security vision and strategy and oversee all related activities (e.g. identify, protect, detect, respond, recover)
- Define, track and take appropriate actions on security relevant KPI’s and metrics.
- Lead penetration testing and blue/red/purple team initiatives
- Champion the adoption of cloud technologies implementing state of the art security, governance and risk management technologies
- Define the methodology for information security risk assessments as well as planning, prioritizing and guiding their execution
- Run company-wide programs to maintain and achieve industry standard certifications and assurance reports (ISO, ISAE, SOC etc.)
- Develop and run security awareness and training programs educating the organization about the latest security strategies, technologies, threats and the right security conscious behavior
- Act as the key liaison for information security and cyber risk related audits and lead any resulting remediation initiatives
- Manage the information security budget and investments as well as strategic vendor relationships related to information and cyber security
- Track latest security innovations and keep abreast of latest cyber security technologies
- Regularly report on initiatives, programs, audits, threats, security risks and mitigation to the ExCo and BoD and associated risk committees
For you to become part of SEBA’s journey, we require the following set of experience:
- At least five few years as CISO or managing an IT security team, ideally within a fast-paced dynamic company that has fully embraced public cloud technologies
- Strong leadership skills and highly adept relationship/stakeholder manager
- A track record of managing external vendors and suppliers
- Experience in leading without requiring formal line authority – expert communicator with strong negotiation, persuasion and conflict management skills
- Effective change agent, embedding security thinking into all aspects of the business
- Proactive individual engaging directly with all stakeholders without waiting to be invited
- Hands-on technologist with IT architecture skills and demonstrated experience in defining and implementing cloud security architectures
- Experience in analyzing security threats, creating threat models and conducting audits
- Knowledge of risk- and incident management
- Experience with cryptocurrency and blockchain technologies
- Strong cryptographic knowledge including securing digital assets
- Deep technical understanding of networking, firewalls, intrusion detection/prevention, authentication/authorization and modern security technologies (SIEM, EDR, UEBA, AI/ML etc.)
- Know-how of security standards such as NIST, ISO/IEC 27000 series, data protection laws (GDPR) and financial services regulations (Finma, MAS, HKMA etc.)
At SEBA, our people make the difference. We look forward to receiving your full application (CV, Motivation Letter, Reference Letters and Diplomas).
Your application has been successfully submitted.
The Bank for the New Economy