Keywords: Fraud, IT Security
Type: Permanent employment
Location: Amsterdam
Education: Bachelor (EQF 6), Master (EQF 7)
Published: 19/10/2020
Status: Open
Apply before: 30/10/2020
Hours p/wk: 40

Description:

What you'll do

The Fraud & IT Security Officer has highly specialised knowledge of the development, implementation and monitoring of the most complex strategies and systems for minimizing fraud across the portfolio of the organisation’s interests, activities and services. The officer is highly experienced in the field of fraud, gives advice on strategic policy and supports senior management. The officer works closely with clients and external parties to monitor and resolve the most complex fraud issues, and investigates the origin of those issues to prevent future ones. The officer also supervises team members and advises higher management on complex issues that require a certain level of diplomacy.

You report to the Global Head of IT Risk based in Amsterdam. In this role you will:

Within the domain of Fraud (Fraud Officer)

  • determine Fraud Management measures for Tech processes and services. You focus on Prevention, Detection and Response and facilitate and monitor implementation of measures to accomplish this;
  • implement and refine standardized procedures to act on alerts within the Tech domain, as set by the Fraud department;
  • initiate and organize Fraud training and awareness for the Tech employees;
  • understand and monitor the fraud threat landscape;
  • design and follow communication guidelines in relation to fraud incidents and risks;
  • co-create KCT test plans and quality criteria to evidence adherence of the Anti-Fraud key controls with Tech process and service stakeholders, CISO and CSI;
  • monitor the implementation of key controls and where applicable identify weaknesses;
  • design, implement and/or monitor remediation plans.

Within the domain of IT Security (Head of IT Security)

  • challenge/verify the correctness/completeness of the scope of monitored events and the effective follow-up on alerts;
  • follow up on threat intelligence and Red & Blue team test results;
  • ensure the process/asset owner has taken timely and right action upon threat intelligence received;
  • ensure alerts/vulnerabilities/findings from the various sources (security monitoring/vulnerability scanning/pentests/responsible disclosure process) are administrated for tracking and remediation;
  • validate and approve deviations to Security Baselines.

You also challenge and improve:

  • the yearly Red & Blue team testing plan and execution;
  • the Responsible Disclosure process and its adherence with Bank CISO guidelines;
  • the follow-up of actions and remediation plans.