The Senior Business Control Officer for Information Security will play a crucial role in ensuring the robust security and control of Client's IT infrastructure. Responsibilities include implementing the organization's priorities, working with the Chief Information Security Office and Technology Governance Team to establish a strong risk management framework,  determining risk appetite, monitoring the IT and IS risk profile, and reporting. This role requires extensive experience in IT and security, a deep understanding of risk management principles, and familiarity with relevant standards and methodologies (e.g., ISO/IEC 27000). The position is pivotal in supporting Client's transformation and ensuring the security of its systems.

<p><span style="color: rgba(0, 0, 0, 0.6);">Luxoft, a DXC Technology Company (NYSE: DXC), is a digital strategy and software engineering firm providing bespoke technology solutions that drive business change for customers the world over. </span></p>

Luxoft

Senior QA Automation Python Engineer

Senior ML Engineer

Senior Java Developer

Senior React Developer

Technical Business Analyst

Senior Angular Developer

Solution Architect

DevOps Engineer with Azure

<div class="job__grid__about-job">
                <div class="job__grid__about-job__description">
                    <h5 class="job__grid__about-job__description__title">
                        Project description
                    </h5>
                    <p class="body-l-regular job__grid__about-job__description__text">
                         The Control Office, part of the COO division, is responsible for:<br> - Monitor the implementation of the non-financial risk management framework<br> - To design and review effective and adequate frameworks of internal control mechanisms in cooperation with the Client infrastructure/business functions, with a particular focus on so-called 'lessons learned' and 'health checks'<br> - To support risk managers in implementing and improving the framework of internal control mechanisms<br> - To establish a review process of the operational risk profile<br> - To monitor and report control indicators<br> - Improve behavioral standards through increased awareness (in collaboration with HR and Compliance)<br><br>Following the split and IPO in 2018, Client has begun to become independent from his previous organization, but significant dependencies remain, particularly in the areas of IT infrastructure, applications and information security (IS). In 2024, a transformation program is launched to ensure that Client's IT infrastructure is separated, thus ending this dependency.<br>After completion of this initiative, Client will have sole responsibility for its entire IT environment and, as one of the world's leading asset managers, must therefore have adequate management and control mechanisms in place. To support the organization in this, new job profiles are currently being created in the Control Office.<br>The newly created job profile of the 'Senior Business Control Officer for Information Security' will report to the Head of the Control Office team for COO and work closely with the Chief Information Security Office, the Technology Governance Team, those responsible for applications and IT infrastructure, and the function responsible for information security in the 'Second Line of Defense'.
                    </p>
                </div>
                <div class="job__grid__about-job__responsabilities">
                    <h5>Responsibilities</h5>
                                        <div class="job__grid__about-job__responsabilities__list">
                                                   <div class="job__grid__about-job__responsabilities__list__item">
                            
                            <p class="body-l-regular">
                                Ensuring the implementation of the priorities of the organization and the Control Office such as findings management, post-incident reviews, risk &amp; control assessments, scenario analyses, monitoring of risk appetite, risk metrics, and transformation activities regarding IT and IS risk management
                            </p>
                        </div>
                                                    <div class="job__grid__about-job__responsabilities__list__item">
                            
                            <p class="body-l-regular">
                                Working with the Chief Information Security Office and the Technology Governance Team to create a context-specific framework and governance processes that enable IS and IT risks to be identified, managed, and reported on, including appropriate dashboards and metrics for the future multitude of IT service providers
                            </p>
                        </div>
                                                    <div class="job__grid__about-job__responsabilities__list__item">
                            
                            <p class="body-l-regular">
                                Support in determining, reviewing, and adjusting the organization's risk appetite with regard to IS; monitoring the IT and IS risk profile with regard to risk appetite and corresponding reporting
                            </p>
                        </div>
                                             </div>
                </div>
                <div class="job__grid__about-job__skills">
                    <h5>Skills</h5>
                    <p class="body-xl-semibold job__grid__about-job__skills--subtitle">
                        Must have
                    </p>
                                        <div class="job__grid__about-job__skills__list">
                                                   <div class="job__grid__about-job__skills__list__item">
                            
                            <p class="body-l-regular">
                                Experience 15+ years in information technology at an enterprise level
                            </p>
                        </div>
                                                    <div class="job__grid__about-job__skills__list__item">
                            
                            <p class="body-l-regular">
                                Experience 5+ years in security (technical and organizational aspects), ideally in combination with experience in the financial industry, management consulting, auditing, or a technology company
                            </p>
                        </div>
                                                    <div class="job__grid__about-job__skills__list__item">
                            
                            <p class="body-l-regular">
                                Solid knowledge of relevant industry-specific and regulatory investigation methodologies and/or standards (e.g. ISO/IEC 27000 Series, COBIT5) required
                            </p>
                        </div>
                                                    <div class="job__grid__about-job__skills__list__item">
                            
                            <p class="body-l-regular">
                                University degree (computer science, business administration, natural sciences, or comparable); focus on information technology and information security preferred
                            </p>
                        </div>
                                                    <div class="job__grid__about-job__skills__list__item">
                            
                            <p class="body-l-regular">
                                Knowledge of the principles of operational risk management and experience in risk management
                            </p>
                        </div>
                                                    <div class="job__grid__about-job__skills__list__item">
                            
                            <p class="body-l-regular">
                                Advanced knowledge of MS PowerPoint, Excel and Word
                            </p>
                        </div>
                                                    <div class="job__grid__about-job__skills__list__item">
                            
                            <p class="body-l-regular">
                                Very good knowledge of English (spoken and written)
                            </p>
                        </div>
                                             </div>
                    <p class="body-xl-semibold job__grid__about-job__skills--subtitle">
                        Nice to have
                    </p>
                                        <div class="job__grid__about-job__skills__list">
                                                   <div class="job__grid__about-job__skills__list__item">
                            
                            <p class="body-l-regular">
                                Additional certifications that would be advantageous include CISSP, CISA, ISO 27001 Lead Auditor, Six Sigma, or similar qualifications.
                            </p>
                        </div>
                                             </div>
                </div>

                <div class="job__grid__about-job__other">
                    <h5>Other</h5>
                    <div class="job__grid__about-job__other__items">
                        <div class="job__grid__about-job__other__items__item">
                            
                            <div class="job__grid__about-job__other__items__item__text">
                                <p class="caption-xs-bold">Languages</p>
                                <p class="body-l-regular">
                                    English: C2 Proficient
                                </p>
                            </div>
                        </div>
                        <div class="job__grid__about-job__other__items__item">
                            
                            <div class="job__grid__about-job__other__items__item__text">
                                <p class="caption-xs-bold">Seniority</p>
                                <p class="body-l-regular">
                                    Lead
                                </p>
                            </div>
                        </div>
                    </div>
                </div>
            </div>