Head of Information Security Compliance Evaluations (m/f/d)

ODDO BHF SE

Job description

ODDO BHF is a Franco-German financial group with a history spanning more than 170 years. The Group evolved from a French family-owned bank and a German private bank with a focus on small and medium-sized enterprises. ODDO BHF employs 2,500 people (around 1,300 in Germany and Switzerland and 1,200 in France and Tunisia), manages €140 billion in assets for its clients and is active in Private Wealth Management, Asset Management and Corporates & Markets. About 65% of the Group's capital is held by the Oddo family, and about 25% by its employees. This collaborative partnership ensures a high level of employee engagement over the long term. Our unique business model is focused on quality that meets the highest standards.

Accordingly, we look for employees who are dedicated to excellence and demonstrate consistent commitment.


  • Define and execute cybersecurity audit and control plans for ODDO BHF's information system and ecosystem, internally and for external outsourcings
  • Input on technical and regulatory development of ODDO BHF's policy, procedures, standards and guidelines
  • Support in establishing the methodologies and practices required for ODDO BHF's information security management system
  • Define cybersecurity technical scope, objectives and criteria derived from ODDO BHF's Information Security Management System (Policies & Procedures), Key Risk Indicators, Risk-Assessment & Audit Results, based on regulatory requirements in France and Germany
  • Review target of evaluation, security objectives and requirements based on the risk profile
  • Examine compliance with cybersecurity-related laws and regulations applicable to a European Bank & Asset Manager (MaRisk, BAIT, ACPR Arrêté and Notice, EBA Guidelines, SWIFT CSP…)
  • Audit conformity with cybersecurity-related applicable standards (ISO 2700x, BSI, NIST etc.)
  • Maintain and protect the quality and integrity of documentation records
  • Align with stakeholders on remediation measures

  • Organize and work in a systematic and deterministic way based on evidence
  • Follow and practice control and auditing frameworks, standards and methodologies
  • Apply control and auditing tools and techniques
  • Analyze business processes, assess and review software or hardware security, as well as technical and organizational controls
  • Communicate, explain and adapt legal and regulatory requirements and business needs
  • Plan and conduct relationship management in a systematic and deterministic manner
  • Collect, evaluate, maintain and protect documentation
  • Collaborate with key stakeholders from business and IT in a professional manner
  • Technical university degree and technical certifications in Information Security and IT Audit
  • Proven track record of work experience in the sector of financial institutions

  • Work-life balance
    We support you with individualized part-time models and the possibility to work remotely in a flexible way
  • Attractive remuneration
    You can expect a competitive salary, a Deutschlandticket, and capital-forming benefits
  • Holiday
    30 days of holiday plus an additional 6.5 days of compensatory time off (full-time) per year / bank holidays on 24 & 31 December
  • Company pension
    Benefit from our high-performance company pension scheme
  • International Mobility
    We promote group-wide exchange with various mobility options
  • Further education & foreign language support
    Continue developing your skills through our training programme and take advantage of the opportunity to attend language courses
  • Health & Catering
    Benefit from our in-house-canteen and take advantage of our company sports facilities as well as our bicycle programme
  • Security
    Our Employee Assistance Programme offers you fast and effective help in problematical professional and personal situations