Information Security Officer

About Utmost International

Utmost International is a leading provider of insurance-based wealth solutions operating across the UK, Europe, Latin America, Asia, and the Middle East. Its solutions are largely based on unit-linked insurance policies, serving the needs of affluent, high net worth (HNW), and ultra-high net worth (UHNW) individuals.

About Utmost Luxembourg S.A.

Sitting at the crossroads of private banking, asset management, and insurance, we operate in a well-established and fast-growing division of the financial services industry. Our dynamic international team of 450+ experienced wealth structuring specialists, subject-matter and technical experts consists of 50 different nationalities, speaking over 30 languages.

We are a diverse and inclusive organisation driven by a values-based culture that promotes excellence, ambition, and innovation. We invest in talented teams who develop their expertise, curated through support and training, and fostered through a people centred culture. Our people truly are our greatest asset!

Your role – Are you ready for a challenge?

The Information Security Officer is responsible for the day-to-day infosec tasks, including in relation to risk management, infosec governance, internal and external audit support, access management and monitoring and reporting of infosec events and incidents.

This role is part of our Information Security Department and will be reporting to an Information Security Manager.

Your responsibilities will be as follows:

• Undertake internal security assessments and facilitate the creation of action plans with key business units;
• Perform information security operational tasks and day to day follow up of actions with the overall objective of ensuring the operational effectiveness of existing security controls, improve the overall control environment and reduce risk exposure;
• Assist with the review and maintenance of existing Information Security controls and the design of new ones in line with evolving business, security or legal/regulatory requirements;
• Actively follow-up access rights entitlement reviews and request validations;
• Develop and maintain relationships with business units, to emphasise and promote the importance of Information security, risk and governance management;
• Work with internal and external auditors in relation to information security audits;
• Conduct risk assessment activities and execute risk treatment plans;
• Analyse and support the remediation of information security incidents;
  

Your profile – Have you got what it takes to become our Job Title?

• Studies or initial experience in a combination of risk management, information security, and IT roles;
• At least 4-5 years of experience in Information Security or IT Security;
• Technical background in the field of security technologies and architectures;
• Knowledge of technological trends and developments in the area of IT and Information Security;
• Good communicator, ownership, problem-solving, solution oriented, service oriented, ability to adapt to a fast-paced environment, team work;
• Understanding of risk assessment and audit processes and techniques, specifically within the domain of financial information security;
• Basic knowledge of network and application security, as well as authentication, identity management and penetration testing technologies;
• Experience with DLP, NAC, SIEM, PAM and intrusion detection software;
• Understanding of advanced security protocols and standards;
• Understanding of software and security architectures and principles of secure network design;
• Have good understanding of anti-virus software, firewalls and similar products;
• Knowledge of generic software development lifecycle processes;
• Fluent English is a must. Any other European language would be considered as an asset.
  
• Professional certification, such as a CISSP, CISM, CISA or other information security credentials, is an asset;
• Working knowledge of security and control frameworks, such as ISO 27001, CobiT, COSO and ITIL.

As an equal opportunity employer, all qualified applicants will receive consideration for employment without regard to gender, colour, religion, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law.

Given the sensitive nature of our business, industry sector and the role as described, the selected candidate is required to provide a criminal record (Bulletin n°3 for Luxembourgish residents). This excerpt will be kept by Utmost Luxembourg S.A. in compliance with article 8-5 (2) of the law of 23 July 2016 and for no longer than one month from the conclusion of the employment contract; otherwise, it will be destroyed without any undue delay should the candidate not be hired.

Utmost Luxembourg S.A. is aware of its obligations under the General Data Protection Regulation (GDPR) and is committed to processing your data securely and transparently.

Our Recruitment Privacy Notice is in line with GDPR and provides more information with regards to the types of data that we collect and hold on you as a job applicant, including for the performance of Background Checks.  It also sets out how we use that information, how long we keep it for and other relevant information about your data. For full details please click here Recruitment Privacy Statement

#utmost