Information Security & Data Protection Specialist
About Us
Rothschild & Co is a leading global financial services group with seven generations of family control and a history of over 200 years at the centre of the world's financial markets.
Our expertise, intellectual capital and global network enable us to provide a distinct perspective that makes a meaningful difference to our clients, communities and planet.
We have 4,200 talented specialists on the ground in over 40 countries around the world, enabling us to deliver a unique global perspective across four market-leading business divisions: Global Advisory, Wealth Management, Asset Management and Five Arrows.
As a family-controlled business built on relationships, we place a huge emphasis on our people and finding the right colleagues to take our business forward.
Rothschild & Co is committed to an inclusive and supportive environment where diversity and different perspectives are valued.
We are focused on the attraction, recruitment, development, retention and progression of high-calibre talent to ensure we and our clients benefit from the value of difference.
Overview of Role
Rothschild & Co Bank AG’s (R&CoBZ) Information Security & Data Protection team is responsible for defining and overseeing the delivery of the information / cyber security strategy and data protection programme.
The team is part of the wider Group Information Security within the Group Risk function.
The Data Protection Specialist will play a key role in liaising with the regional Information Security Officer, DPO and Group Information Security to ensure a consistent delivery of data protection and information security to all R&CoBZ locations.
This role is suitable for a security & data protection specialist with primary experience in Data Protection and additional knowledge of Information Security.
The ideal candidate would have a solid understanding of the regulatory landscape, such as FADP, GDPR, FINMA and the EBA, and of cyber security and risk management concepts and frameworks.
Responsibilities
- Assist the Data Protection Officer in the delivery, maintenance and monitoring of the Data Protection program (e.g. registry of processing activities, policies, procedures and tools), ensuring on a regular basis that all data subject to protection have been properly and exhaustively identified and inventoried, and remain properly safeguarded from any unauthorized access
- Support the Business in executing the Data Protection Impact Assessments; design and perform recurrent data privacy assessments / audits
- Define data protection requirements during business and IT projects and ensure their implementation (Privacy by design and by default)
- Liaise with local legal department to ensure proper adherence to regulatory framework applicable to Data Protection
- Liaise with group security and data protection function to ensure adherence to group standard
- Contribute to the ongoing improvement of various information security initiatives including but not limited to education and awareness, risk and control maturity improvement, data loss prevention, third-party risk management and data protection
- Support the execution of regular Information Security and Data Protection audits and assessments (e.g. internal, external, regulatory)
- Promote security awareness within the firm by assisting security awareness and education activities
- Assist in performing risk assessments and control maturity assessments and ensure risks, control gaps and remediation activities are clearly communicated to business stakeholders
- Ensure proper application of above-mentioned tasks to subsidiaries of R&CoBZ, when applicable
Experience, Skills and Competencies Required
- At least 3 years' working experience in Data Protection & Information Security, preferably in the financial sector or consulting
- Bachelor’s or Master’s degree in Law, Privacy or Information Security related fields
- Strong knowledge of GDPR and FADP
- Knowledge of Swiss and EBA banking regulations and their application to technology
- Knowledge of international security standards and frameworks such as NIST, CIS, ISO27001, etc.
- Self-motivated and delivery focused: the candidate must be able to work independently, switch between several simultaneous projects and effectively prioritise work
- Team playing and communication skills: the candidate must be a team player and able to effectively interact with other team members of the R&CoBZ Information Security team
- Strong problem solver and good analytical skills
- Good knowledge of the English language; German language desirable but not necessary
- Desirable qualifications: CIPP/E, ISACA CISA, CRISC or CISM
Benefits
- Rothschild & Co is committed to safeguarding and enhancing the health and wellbeing of all its employees. To support this, Rothschild & Co provides all employees with a range of healthcare services and benefits that aim to support their overall wellbeing
- We aim to create a working environment and culture where people can succeed
- We provide a variety of in-house training, as well as tuition assistance for further education and training courses
- Everyone can choose to incorporate agile working principles into their working week
- We have learned a great deal about the adaptability, commitment and resilience of our people. We believe there are opportunities for all of us to enhance our working lives and outcomes by applying a more flexible approach to where and when we work, and up to 40% of your work time can be performed from home.