Ph3Mission /h3 pOperating in a highly regulated banking environment (FINMA, EBA, DORA, etc.) and amid accelerating digital transformation – including the expansion of e-banking and mobile banking services, the Group Risk Department is seeking a senior cybersecurity specialist to carry out second‑line control activities. /p pIndependent of first‑line operational teams, the role holder contributes to ensuring the effectiveness, consistency, and regulatory compliance of the Bank’s cybersecurity framework. /p h3Main responsibilities /h3 ul liExecute the second‑line control plan across the full cybersecurity perimeter: IAM, PAM, endpoints, cloud, networks, e‑banking and mobile banking. /li liConduct periodic and thematic controls on security processes and measures implemented by first‑line operational teams, ensuring that information security risks are identified, assessed, treated, and reported to relevant stakeholders. /li liVerify compliance with banking regulatory requirements (e.g., FINMA, EBA, DORA, etc.). /li liProduce well‑documented control reports, issue actionable recommendations, and monitor the progress of remediation plans. /li liContribute to maintaining cyber risk indicators (KRI/KPI), and feed reporting to the Head of Cyber Risk Control. /li liMaintain a regulatory watch specific to the banking sector, and flag impacts on the control framework. /li liWork collaboratively with Internal Audit and Group Security within a three‑lines‑of‑defense model. /li liSupport first‑line teams in understanding control requirements and fostering a cyber risk culture tailored to the banking sector. /li /ul h3Your Profile /h3 ul liMaster’s degree (or equivalent) in Computer Science, Cybersecurity, Information Systems Engineering, or a business school with a specialization in security. /li liMinimum 7 to 12 years of experience in cybersecurity, ideally in a banking institution. /li liGood command of frameworks and working knowledge of FINMA circular on operational resilience, DORA, EBA Guidelines on ICT and Security Risk. /li liGood understanding of technical architecture (network, cloud, IAM, AD, fraud prevention). /li liAbility to document findings clearly and communicate them to both technical and non‑technical stakeholders. /li liAnalytical rigor, autonomy, and a collaborative working style. /li liProficiency in French and English, both written and spoken. /li /ul h3Core Competencies /h3 ul liCritical thinking and objectivity in assessing control frameworks. /li liAbility to work cross‑functionally with diverse stakeholders. /li liProactive, solution‑oriented mindset when facing identified risks. /li liProfessional integrity and respect for confidentiality. /li liAppetite for regulatory watch, continuous improvement, and knowledge sharing. /li /ul h3Others /h3 ul liSwiss Residence /li /ul /p #J-18808-Ljbffr