IT Security Officer Permanent NEW

Help Us to Shape the Banking of Tomorrow

The Avaloq group is an internationally leading fintech company. With its core and digital banking software and its international network of Business Process Outsourcing (BPO) centres, Avaloq brings trustworthy and efficient banking to the world, delivered through great user experience. Headquartered in Switzerland, Avaloq has branches in the most demanding financial centres worldwide and serves around 155 banks and wealth managers and the 270 Swiss cooperative banks. Avaloq’s growing ecosystem comprises among others over 2’000 employees from 66 nationalities and more than 500 third-party developers that co-innovate with Avaloq.

More information on

The responsibilities

• Develop and maintain the APAC’s Information Security Management System (ISMS) to assure continuous compliance with regulations, laws and contractual obligations by adopting and deploying industry and market standards and accepted best practices.
• Develop and maintain a security control framework to ensure that security management systems and policies are effective, providing recommendation and remediation.
• Develop and maintain a standard security contract framework for ITO outsourcing to ensure a harmonised and consistent security control framework.
• Develop emergency procedures and oversee incident responses as well as the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as required.
• Develop and maintain a security awareness program to assure a widespread culture of information security awareness.
• Manage the development and implementation of security policies, standards, guidelines and processes to ensure the ongoing maintenance of physical and logical security.
• Participate in the security operational risk management activities as part of the Enterprise Risk Management to identify threats and institute appropriate security programs.
• Conduct independent security audits and risk management assessments to verify and provide an opinion on the security posture.

Your profile

• Minimum of 5 to 10 years of experience in a similar role, i.e. in a combination role of security risk, information security and IT.
• Proven experience in analysis, identifying, monitoring and controlling security risks
• Experience in managing Identity / Access management, Intrusion Detection / Prevention, Data Protection and Data Leakage Prevention applications / devices including installation, configuration and its availability
• Extended knowledge of relevant international security standards (ISO/IEC 27000-series), best practices (CobiT, ITIL), third party reporting (ISAE3402, SOC), trends and legal and regulatory requirements for data protection and outsourcing in the financial sector (e.g. MAS, HKMA).

Click the “Apply Online” button now to apply to this position! Kindly note that only shortlisted Candidates will be contacted for next steps.