Information Security Risk Specialist at Garanti BBVA International

Amsterdam, North Holland, Netherlands -

Full Time

Start Date

Immediate

Expiry Date

16 Apr, 26

Salary

0.0

Posted On

16 Jan, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Information Security, Cybersecurity, Network Security, Application Security, Mobile Security, Data Security, Cryptography, Penetration Testing, Vulnerability Assessments, DevSecOps, Cloud Security, Azure, Risk Assessments, Security Policies, Disaster Recovery, Compliance

Industry

Banking

Description

We are seeking an experienced and technically proficient Information Security Risk Specialist with a minimum of 6 years in the information and cybersecurity domain. The ideal candidate will bring hands-on expertise across key security areas including network, application, mobile, and data security, as well as strong capabilities in cryptography, penetration testing, vulnerability assessments, DevSecOps, and cloud security—particularly in Azure or other public cloud environments. In this role, you will lead and contribute to security risk assessments, drive implementation of robust security controls, and support the organization’s broader security architecture and governance objectives. Candidates holding relevant industry certifications such as CISSP, CISA, or equivalent are strongly preferred. This is a critical role for a motivated professional looking to make a strategic impact in a complex, fast-paced, and security-conscious environment. Your role: Performing information and cyber security risk assessments and business impact assessments Performing cloud and vendor risk assessments Maintaining and managing Information Security Management System (ISMS) programme based on industry standards such as ISO2700x and COBIT Designing security controls on Microsoft 365 suite (SharePoint, Outlook, Entra ID, mobile device management) Planning and designing security frameworks and assisting to security architecture on various technology stacks such as Azure, applications, middleware, databases, networks etc Advising and consulting multiple IT projects through all phases of standard project lifecycles Defining, implementing and maintaining corporate security policies, procedures and controls Reviewing and monitoring vulnerability management and security hardening programme Performing, managing and coordinating penetration tests Managing information security risk reviews and mitigation follow-ups Contributing to information security policies and procedures reviews Managing data security and data governance (Microsoft Purview) tools Managing and maintaining security event monitoring (SIEM) systems Acting as Business Continuity advisor, participating in Disaster Recovery (DR) drills, and giving recommendations for improvements Assisting information security self-assessments in different security domains and regulation frameworks to ensure that the organization is compliant with relevant industry standards and regulatory requirements such as DORA, GDPR Collaborating with third party auditors during IT audits and contributing mandatory regulatory self-assessments such as DORA Who are we looking for? A colleague open-minded, very curious by nature and passionate about your job. You are not afraid to handle various tasks at the same time and meet tight deadlines. You are thinking proactively and always a step ahead, finding solutions with both internal and external stakeholders. You are a cooperating person who listens and invests in the work & persons to achieve common goals. You must naturally think out of the box and navigate in a fast changing and complex environment by questioning the how & the why. Skills/Qualifications: Master or Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (Must have) Preferred: - Minimum 6 years of experience on information and cyber security domains with technical know-how and active participation such as network security, application and mobile security, database and data security, cryptography, penetration testing, vulnerability assessments, DevSecOps, cloud security - Azure or other public clouds experience - Experience on information security risk assessments - Having security certifications such as CISSP, CISA or similar ones is preferred What we offer. Becoming part of a dynamic team in an international working environment. 30 vacation days. 13th Month. 8% holiday payment Laptop and Mobile phone. Annual extra appreciation payment. Pension Plan - Defined contribution scheme Collective Health Insurance – discount on additional health insurance. Educational budget and access to Coursera trainings Our organization: Work at Garanti BBVA International Garanti BBVA International (“GBI”) is a mid-sized European bank established in Amsterdam, the Netherlands since 1990 and serves to corporate and institutional and retail clientele. GBI is a wholly owned subsidiary of Turkiye Garanti Bankasi A.S. (Garanti) and has presence in Germany, Switzerland and Turkey. Our ultimate parent is BBVA. Aa dynamic “global boutique” bank, Garanti BBVA International offers fast, accurate, innovative, tailor-made and country-specific financial solutions in selected business lines though highly skilled and diverse talent management. We embrace creativity, are centered towards teamwork and oriented to create multicultural environment as we believe this to be a crucial element. Our vision is future-oriented and as a one big team GBI strives for corporate excellence and goal achievement. By joining our organization, you will find yourself constantly challenged and must be prone to apply out-of-the box thinking. Life at Garanti BBVA International GBI is a place for people who dream big and make their dream their goal. We look for people who will challenge the status quo in order to grow. We stand as one team, one family and together we are empowered to create our unique path, be agile, be curious and innovative. Strong partnerships ensure our success. Strong teams hold our foundation. We believe that diversity drives innovation and fosters personal development. We aim to create a working environment where employees are able to learn through support and coaching while contributing visibly to the success of bank. Our Core Values GBI is part of BBVA, an integrated and innovative financial institution that looks to the future, created with the mission of financing people’s dreams. That spirit continues to inspire us today and encourages us to transform people’s lives by helping them make the best decisions to fulfil their dreams. This mission is underpinned by our Purpose: “To bring the age of opportunity to everyone”. We live these values, which make us strong and allow us to achieve our purpose so we can keep creating opportunities. Customer Comes First We see our work from the customer's perspective, as we incorporate their point of view in every decision we make and always put their interests first. We meet our customer's needs in an agile way, overcoming any difficulties that arise. Think Big We want to amaze our customers with the best solutions to generate unique experiences. To achieve this, we set ambitious and inspirational challenges for ourselves, while questioning everything we do and posing new ways of doing things. One Team We are committed both to our individual role and the company's objectives as our own. We work as one team, trust our colleagues and break silos between units and hierarchical barriers. Application: If you are ready to join our team and contribute to the success of company, we encourage you to apply by submitting your resume and a cover letter via Online Application: Click on the link below to access our online application portal and submit your application. We appreciate your interest in our organization and look forward to reviewing your application. Should you have any questions or require further information, please don't hesitate to reach out. Please note that we do not appreciate any acquisition efforts for this vacancy by recruitment agencies.

Responsibilities

The Information Security Risk Specialist will lead security risk assessments and implement robust security controls while supporting the organization's security architecture. The role also involves managing information security risk reviews and collaborating with third-party auditors during IT audits.