Disclaimer: open to employees only
Do you believe finance can be something more meaningful than just a bunch of greedy wolves fooling around with others’ money until a crisis happens? Would you like to build a world where everyone can access a user-friendly tool to grow their money fairly and according to their needs? Do you have what it takes for that? Great, because Gambit is currently recruiting! Gambit is at a turning point in its technological development, and is investing in its product, both from a technical and a functional point of view. We have the ambition to become a European market leader in investment advisory technology, by operating a “Software as a Service” for financial institutions in the cloud.
General
The role of the Information Security Manager is to implement and develop the Gambit’s information security strategy to safeguard the organization from potential threats (I.e. cybersecurity threats) and ensure compliance with relevant regulations.
The Information Security Manager reports hierarchically directly to the COO.
Role Description and Key Responsibilities The role-holder will:
• Establish and enforce cybersecurity policies, standards, and procedures to mitigate risks and ensure compliance with relevant laws and regulations.
• Identify, assess, and prioritize cybersecurity risks, and develop strategies to manage and mitigate these risks effectively.
• Develop and oversee an incident response plan, coordinating responses to security incidents, and conducting post-incident analysis to improve resilience.
• Implement ongoing security awareness training programsto educate employees about the latest cybersecurity threats and best practices.
• Implement and manage a vulnerability management program to identify, assess, and remediate potential security vulnerabilities in software and systems.
• Conduct regular security audits and assessments to ensure compliance with security policies and identify areas for improvement.
• Assess and manage cybersecurity risks associated with third-party vendors and partners.
• Implement and manage security monitoring tools* to detect and respond to security incidents in real-time in coordination with the Group CSIRT.
• Coordinate action in the event of cybersecurity incidents and crises, ensuring that Gambit’s essential services are restored.
• Apply the BNPP group’s cybersecurity reference framework (policies, requirements, indicators, and control plans) and integrate entity-specific business lines needs and regulatory requirements into that framework.
• Provide cybersecurity expertise and support to Gambit’s IT teams and IT production.
• Carry out internal controls on IT production and suppliers to ensure that security measures are correctly implemented and applied, and that the entity’s customer data and its sensitive IT assets are protected.
• Work closely with the IT department and the CIO to integrate security practices into the development lifecycle* and promote a culture of secure coding.
• Work with the entity’s procurement and legal departments to ensure that information security obligations are included in agreements with third parties.
• Ensure that security aspects are integrated into Gambit’s project management process* by introducing appropriate information security policies and practices.
Required Knowledge, Skills & Abilities Education & Experience
• Bachelor’s or master’s degree in computer science, cybersecurity, software engineering, or a related field. MBA or equivalent business experience is a plus.
• Proven experience as an Information Security Manager in a senior information security leadership role within the IT sector.
• In-depth understanding of cybersecurity technologies, protocols, and best practices. • Industry certifications such as CISSP, CISM, or equivalent are highly desirable.
• Strong understanding of cybersecurity laws, regulations, and best practices.
• Strong knowledge of software development processes and methodologies.
• Knowledge and understanding of financial markets, regulations, and industry-specific technology trends is a plus
Education & Experience
- Bachelor’s or master’s degree in computer science, cybersecurity, software engineering, or a related field. MBA or equivalent business experience is a plus.
- Proven experience as an Information Security Manager or CISO in a senior information security leadership role within the IT sector.
- In-depth understanding of cybersecurity technologies, protocols, and best practices.
- Industry certifications such as CISSP, CISM, or equivalent is highly desirable.
- Strong understanding of cybersecurity laws, regulations, and best practices.
- Strong knowledge of software development processes and methodologies.
- Knowledge and understanding of financial markets, regulations and industry-specific technology trends is a plus.
Soft Skills
• Excellent leadership and team management skills, with the ability to inspire, mentor, and motivate teams to deliver exceptional results.
• Strong strategic mindset, with the ability to align technical initiatives with business objectives.
• Robust communication and presentation skills, with the ability to effectively interact with clients, stakeholders, and executives.
• Determination in delivering on objectives, favoring simplicity.
• High organizational skills to set priorities, action plans, and monitor their progress.
• High ethical standards.
• Executive communication and exposure with top management colleagues.
• Systematically look for solutions by mobilizing resources at every level of the organization.
• Flexibility and change management in complex organizations, notably involving information systems.
Communication
- Fluent in French and English (written and spoken).
- Good communication skills written and oral.
What you can expect of us
• Working in an inspiring FinTech spirit: A dedicated team awaits you to join them in challenging the established rules and creating a new financial environment that would be simpler and more transparent for everybody.
• Fast personal developments: As a FinTech, everybody on board has a crucial role to play and will be quickly granted responsibilities. This is a great opportunity for you to challenge your skills and talents without having to wait for several years to get to a position with decisional power.
• Collaboration with dynamic talents: Who better than millennials could build solutions for millennials (or rather anyone with the same progressive mindset)? That’s why we have chosen to trust young talents who are craving innovation, to build products they would like to use.
• A people-oriented culture: We will ask you to be passionate about your job, and to love sharing your expertise.
Work location
HQ: 36 Rue de Mulhouse, 4020 Liège
Gambit has a half time (or less) work-from-home policy