Information Security Officer Information Security Officer …

State Street Corporation
in Dublin, Leinster, Ireland
Permanent, Full time
Be the first to apply
State Street Corporation
in Dublin, Leinster, Ireland
Permanent, Full time
Be the first to apply
Posted by:
Tahiya Chowdhury • Recruiter
Posted by:
Tahiya Chowdhury
The IFDS Europe Information Security Officer is a Senior Information Technology role within the IFDS Europe Change Management and IT organisation supporting the Cross Border business (Ireland and Luxembourg).

The IFDS Europe Information Security Office is built on 5 pillars:

  • Governance & Oversight
  • Client Engagement
  • Training & Awareness
  • Incident Management
  • ISO by Design


The ISO has responsibility for the overall framework, policy adherence and day to day tasks across each of the 5 pillars. IFDS Technology is provided by a combination of Group/JV technology functions and other 3rd party software providers and a key element of the role is developing a detailed understanding of the Information Security model, principles and controls adopted by each of these providers and to act as the primary Oversight partner for these services.



  • Own and maintain Information Security Policy and overall framework, ensuring both organisational compliance and alignment with regulatory bodies such as the Central Bank of Ireland, CSSF and EBA
  • Perform ongoing oversight of Group/JV Information Security functions and services – acting as primary liaison for all related MI/Reporting/Incident Management
  • Partner with Group/JV Security, Governance and Technology functions to align with strategic vision and goals – supporting significant projects as required
  • Support annual or periodic Due Diligence requests from clients or prospects (i.e. presentations, questionnaires, RFP responses etc.) and present at client board meetings as required
  • Prepare quarterly Board reports and monthly Business Risk Committee reports on the current Information Security Posture for both Ireland and Luxembourg
  • Communicate inherent security risks, awareness and training to technical and non-technical business users
  • Partner with the IT Vendor function and Risk & Compliance team on Information Security risk management activities including information security risk assessment, vendor reviews - lead the remediation of identified gaps and issues.
  • Perform application ISRMP (Information Security Risk Management Profile) exercises and own overall programme of ISRMPs for IFDS applications
  • Act as Senior Information Security escalation point for all significant incidents, issues or adhoc support requirements
  • Oversee UAM (User Access Management) function and control framework – including responsibility for quarterly user access recertification programme
  • Day to day oversight and management of Information Security analyst



  • Ability to prioritise effectively and multitask efficiently
  • SME knowledge and experience to provide technical input to strategic and operational initiatives within a large organization
  • Strong technical experience in infrastructure, software and hardware products and services
  • Business-minded: ability to understand business challenges and opportunities
  • Outstanding leadership, teamwork and people management skills
  • Demonstrated ability to work collaboratively and partner with employees, leaders, clients, and vendors, building trusted and sustainable relationships
  • Demonstrated ability to work in a virtual organization
  • Excellent communication, presentation, and documentation skills – including ability to translate technical information into business terms
  • Influencing: ability to accomplish goals through influence across the enterprise
  • Strong risk analysis and problem-solving skills



  • 10+ years Senior IT experience (Funds / Investment services an advantage)
  • Experience working with sophisticated, high transaction, high availability environments
  • Knowledge of Security fundamentals including access control, cryptography, vulnerability management, secure configurations, secret management, logging and alerting, and system and network Security
  • Understanding of Secure Software Development Life Cycle (SSDLC) practices
  • Understanding of infrastructure and platform technologies (Windows, Linux, virtualisation, public cloud, firewalls etc.) and related secure design patterns
  • Formal Information Security qualifications - e.g. CISSP, Security+ etc/
  • Solid understanding of relevant cross border regulations and guidelines (CBI, CSSF)



  • Some travel will be required as part of the role (~10%)


State Street Corporation logo
More Jobs Like This
See more jobs