Associate Information Security Officer

Job Posting Organization:
The European Investment Bank (EIB) is the bank of the European Union, established in 195

• It plays a crucial role in financing projects that contribute to the EU's policy objectives, including climate action, infrastructure development, and innovation. The EIB operates in over 160 countries and employs around 3,000 staff members, fostering a diverse and inclusive work environment. The bank is committed to promoting sustainable development and supporting the EU's goals through strategic investments and partnerships.

Job Overview:
The Associate security" style="border-bottom: 1px dotted #007bff !important;">security" style="border-bottom: 1px dotted #007bff !important;">Information Security Officer position at the EIB is a full-time role based in Luxembourg, requiring regular office presence. This position is situated within the Group Risk & Compliance Directorate, specifically in the Group Non-Financial Risk Department's Information Security Risk Unit. The primary purpose of this role is to safeguard the bank's information and systems by conducting various information security risk management activities. The successful candidate will be responsible for implementing and maintaining the Information Security Management System (ISMS), ensuring compliance with security policies, regulations, and industry standards. This role offers a unique opportunity to work in a dynamic environment where challenges arise daily, allowing for professional growth and development in the fields of cybersecurity, risk management, and governance. The Associate Information Security Officer will collaborate closely with various business areas within the bank to integrate information security into policies and procedures, ensuring a proactive approach to identifying and mitigating security threats.

Duties and Responsibilities:
The duties and responsibilities of the Associate Information Security Officer include supporting the implementation of the Information Security Management System (ISMS), assisting in the development and maintenance of information security-related policies, standards, and procedures, and ensuring collaboration with various departments such as IT Security and Data Protection. The officer will participate in the risk assessment process, contribute to the development of key risk indicators, and monitor the implementation of information security controls. Additionally, the role involves supporting business owners in conducting information security risk assessments, managing information security incidents, coordinating awareness programs, and collaborating with internal and external audit requests. The officer will also be responsible for identifying and performing due diligence for the implementation of security tools and ensuring the protection of the bank's information assets.

Required Qualifications:
Candidates must possess a university degree equivalent to a Bachelor’s degree in a relevant field such as risk management, IT, or information management. Relevant post-graduate studies or certifications such as CISA, CISSP, CISM, or GCIH are advantageous. A minimum of three years of relevant experience in information security, preferably within the financial services sector, is required. Candidates should have experience supporting information security implementation and/or conducting information security audits, along with a strong understanding of the interdependencies linked to cybersecurity in the financial sector. Knowledge sharing skills, including the ability to present and draft documentation effectively, are essential. Familiarity with ethical hacking techniques and experience with Cloud Service Providers are also preferred.

Educational Background:
The educational background required for this position includes a university degree, ideally in a relevant field such as risk management, IT, or information management. Candidates with additional post-graduate studies or certifications in information security will be viewed favorably. The EIB values continuous learning and offers training support to enhance the skills of its employees, particularly in areas related to information security and risk management.

Experience:
The position requires a minimum of three years of relevant experience in information security, ideally gained within the financial services domain. Candidates should have a proven track record of supporting information security initiatives and a solid understanding of the cybersecurity landscape, particularly as it relates to financial institutions. Experience in conducting information security audits and familiarity with the regulatory environment governing information security in the financial sector will be considered strong assets.

Languages:
Proficiency in English is essential, and a good command of French is also required, as both languages are official working languages of the EIB. Knowledge of other EU languages is considered an advantage. Candidates must demonstrate proficiency in both English and French to ensure effective communication within the organization and to meet the language requirements for career advancement.

Additional Notes:
This is a full-time position at grade 4, offering a permanent contract with the EIB. The recruitment process includes panel interviews anticipated for early January 202

• The EIB is committed to diversity, equity, and inclusion, encouraging all qualified candidates to apply regardless of their background. The bank provides relocation support for successful candidates moving to Luxembourg. Additionally, the EIB emphasizes the importance of maintaining the security and integrity of its information, requiring compliance with all relevant policies and controls.