Head of Information Security

Who we are:

RBI Retail Innovation is a product development company, a part of the group of Raiffeisen Bank International (Vienna, Austria).

We are fast-growing and working for the EU markets. Now we have Poland and Romania in our scope. During the next few years will be added 3 new EU countries.

Our projects include the design, delivery, and post-delivery activities of next-gen digital banking platforms.
 Our team is international but mostly consists of Ukrainian developers. We have offices in Kyiv and Rivne.

Our mission is Provide seamless banking with ease and speed that’s built for people. Our values are People, Product, Client.

About you:

• 5+ Years experience in IT security management roles
• Nice to have: Hands-on experience in IT Operations and IT Management
• Expert knowledge and experience in Information Security and IT with regard to concepts, methodologies, technologies and products (such as OWASP, COBIT, ITIL, etc)
• Expert knowledge in security in Web-technologies (e.g. Application Security, API-Security, Mobile Security, AWS Cloud Security) and experience on facilitation of 3rd party penetration testing
• Practical experience in large enterprises and audit participation
• Have a degree in Security/Engineering, Computer science
• Good understanding and practical experience on security systems and processes (IAM, Encryption, Network security, WAF, IPS/IDS, SIEM, DLP)
• Expert knowledge in technical Information security architecture
• Ability for independent decision-making and issue resolution
• Leadership commitment
• Strong team orientation
• Upper-intermediate English
• Security certifications (e.g. CEH, ECSA/LPT, CISP, CCSP) are an asset
• Experience in a large international banking environment is an asset

You will:

• Participate in digital bank platform development as responsible for security requirements and management
• Implement IT governance and security regulations (policies and standards) according to established standards (e.g. ISO 27001)
• Cooperate with delivery team to implement security regulations and procedures
• Analyze and evaluate risks of security relevant changes as well as identify vulnerabilities / security risks and draw up proposals for improvements and/or initiate countermeasures
• Design, assess and improve IT Controls ( based on EBA security guidelines)
• Business continuity management
• Implementation and management of IT services using the principles and methods associated with industry best practices (e.g. ITIL)

Responsible for the development and maintenance of the group-wide Information Security program with a focus on technical Information Security Services

In scope are design, implementation and continuous improvement of Information security services and processes, such as Cloud Security, Application Development Security, Penetration Testing, Data Leakage Prevention, Incident Management, Vulnerability Management, etc.

Responsibilities include a definition of suitable standards, frameworks, methodologies processes and assurance that all information security measures are adequately implemented to prevent business disruptions or harm to RBI group resources (data, systems), e.g. through electronic fraud, cyberattacks, distributed denial-of-service attacks (DDOS), or similar.

What we offer:

• To be a part of innovative Digital bank development for EU and work with some of the most talented and experienced people in the Fintech industry

• Competitive salary
• Hybrid model of work with ability to work from home or office (Kyiv or Rivne)
• Personal and professional growth, corporate English courses
• Paid sick days-off and 20 working days of vacation per year
• Medical insurance