Head IT Risk and Governance
SIX Group Services develops and operates the entire IT and facility infrastructure of SIX.
The DRO DGI is responsible for independent oversight of the overall IT risk situation of the Division Global IT according to the risk appetite of the SIX Group, excluding strategic risks (treated separately by the divisional strategy manager). The DRO DGI is accountable for detecting the main IT risks within the SIX Group and for providing mitigation measures and actions together with the first line of defense. The DRO DGI defines the direction of IT security risk in alignment with Group Risk and regulations, to enforce the confidentiality, integrity and availability of SIX assets.
- Responsible for implementing the IT and security risk organization, methodologies and policies in line with the corporate risk governance.
- Execute the Group risk appetite methodology, bring the risk appetite limits to the divisional MC for approval and oversee the implementation. Responsible for monitoring the ongoing division risk situation against the risk appetite and for mitigating risk in close collaboration with the first line.
- Responsible for developing and maintaining the overall IT risk framework in line with Group Risk regulations and common policies, standards, processes, methodologies, reports and tools to detect the main IT risks and to mitigate them accordingly within the risk appetite of the group.
- Verification of important IT controls on a regular basis to obtain an overall view of compliance with SIX security policies and standards and to recognize industry best practice. Provide output into Risk Reporting and refer identified risks for mitigation actions and tracking.
- Continuously record and periodically update the security risk register. Ensure that IT risks are assessed at regular intervals and that the implementation of IT risk measures is monitored regularly, along with the effectiveness and efficiency of the measures. Provide a quarterly report on the control status of mitigation measures for high risks, with spot checking of further risks.
- Manage a team of IT risk officers. Establish career development plans and training for direct reports and provide appropriate mentoring and coaching.
- Graduate degree, ideally in Information Technologies with further training on risk management.
- Fluent German and English language skills, others would be a plus.
- Proven IT risk management track record with broad experience in one or several business fields of SIX. High degree of understanding concerning the relevance of IT and security risks to the group's risk situation.
- In-depth know-how in the fields of IT risk and information security, knowledge of relevant regulatory requirements, paired with the ability and willingness to continuously update know-how.
- Strong background and profound practical experience in quantitative and qualitative risk management methodologies, amongst others with a particular focus on operational risks.
- Excellent communication skills, including readiness to address matters of concern directly and effectively, and a respectful manner.
- High level of proactivity and efficiency, and the skills to work out complex topics.
- Structured working approach, deadline-driven.
We are looking forward to receiving your complete application electronically.
SIX Management AG, Arzu Güzelgün
T +41 58 399 48 41
We only accept online direct applications.