Information Security Risk Analyst

About Temenos

Temenos powers a world of banking that creates opportunities for billions of people and businesses everywhere. We do this through the pioneering spirit of 5000+ Temenosians who are passionate about making banking better, together.

We serve 3000 banks from the largest to challengers and community banks in 150+ countries. We collaborate with clients to build new banking services and state-of-the-art customer experiences on our open banking platform, helping them operate more sustainably.

At Temenos, we have an open-minded and inclusive culture, where everyone has the power to create their own destiny and make a positive contribution to the world of banking and society.

THE ROLE

The Information Security Risk Analyst will be responsible for identifying, assessing, and mitigating potential security risks to the organization. This role will involve working closely with other departments to ensure that information security best practices are integrated into all aspects of the organization. The Information Security Risk Analyst will also support other functions in meeting regulatory compliance, such as GDPR.

OPPORTUNITES

• Conduct regular risk assessments to identify potential security threats using a documented risk assessment methodology and underlying procedures.
• Analyze and evaluate security risks and vulnerabilities in the organization.
• Monitor compliance with security policies and procedures.
• Conduct risk identification, analysis, and propose risk treatment plans, including the selection and implementation of controls to manage or mitigate identified risks.
• Monitor control implementation and execution and escalate any identified issues to management through the defined escalation path.
• Assist IT Application Owners and other key stakeholders in creating a secure environment by evaluating IT Security needs during the initial stages of the system development process and determining the most appropriate information security controls to implement.
• Partner with risk owners and other business units to design and maintain internal controls that align with our risk appetite and to ensure the quality of our processes from a security perspective.
• Review evidences related to IT Controls implementation as well as control effectiveness to confirm that controls are functioning as intended.
• Maintain the risk register and ensure that it is updated on a regular basis to reflect new risks and changes in risk treatments.
• Expand the information security risk register with all identified risks from policy gaps, policy exceptions, internal and external assessments.
• Document risk assessment methodology and underlying procedures, and ensure they are regularly reviewed and updated.
• Report on risk assessments, coverage, and issues through reporting and dashboarding tools to management, stakeholders, and other business units.
• Support other functions in meeting regulatory compliance, such as GDPR, by providing guidance and assistance with compliance-related tasks.
• Maintain and improve internal control framework to assure compliance with applicable regulatory and legal requirements.
• Develop and implement security policies and procedures.
• Perform policy gaps assessments and define risks from identified gaps.
• Monitor compliance with security policies and procedures.
• Work with other departments to integrate security best practices into their processes.
• Keep abreast of new security threats and technologies.
• Provide training and education on security best practices.
• Participate in incident response and crisis management planning.
  
  
  

Skills

• Bachelor's degree in computer science, Information Technology, or a related field.
• Minimum of 3 years of experience in information security and assurance.
• Experience with risk assessment and management.
• Experience with security technologies such as firewalls, intrusion detection systems, and encryption is a plus.
• Familiarity with common compliance standards (SOX, SOC2, PCI-DSS, GDPR etc.) and experience working directly with internal or external auditors for at least one of the listed standards.
• Nice to have security-related certifications : CRISC, CISM, CISSP or similar.
• Knowledge of security best practices and regulatory compliance requirements, including GDPR
• Familiarity with Microsoft tools and technologies, such as Power Apps, Power Automate, SharePoint, and similar, to support integration and automation initiatives within risk assessment operations is a plus.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team.
  
  
  

VALUES

• Care about transforming the Banking landscape.
• Commit to being part of an exciting culture and product evolving within the financial industry.
• Collaborate effectively and proactively with teams within or outside Temenos.
• Challenge yourself to be ambitious and achieve your individual as well as the company targets.
  
  
  

Please make sure to read our Recruitment Privacy Policy