HQLAᵡ  IT Risk Officer (Luxembourg)

‍

‍

About HQLA^X 

HQLA^X is an innovative financial technology firm founded by financial market practitioners. Our vision is to accelerate the financial ecosystem’s transition towards frictionless ownership transfers of assets, and our core clients are financial institutions active in securities lending and collateral management.Together with Deutsche Börse, we created a multi-layer operating model which enables our clients to transfer ownership of securities across disparate collateral pools at precise moments in time, providing our clients with capital cost savings by reducing credit risk, intra-day liquidity requirements, and operational risk.

‍

Position 

Reporting to the COO, the IT Risk Officer will work with internal and external stakeholders to control IT risk, and to design, document and evidence risk control mechanisms. To this end, the IT Risk officer will work with company management and colleagues in tech, finance, product development and sales, as well as our clients, stakeholders and partners. Experience with IT risk management in the financial industry is a plus – the willingness to learn, the ability to adapt to a dynamic environment and a commitment to helping build our vision and embracing our cultural values are essential. In return, we offer attractive compensation and benefits, including the opportunity to participate in the company’s growth, as well as flexible work-from-home arrangements and a commitment to work- / home-life balance. 

‍

The position is based in Luxembourg. Some travel within Europe may be required. 

Responsibilities 

The IT Risk Officer will

• control internal IT risk in an effective and efficient manner;
• represent the company during risk and security assessments/audits;
• perform internal audits to validate the design and effectiveness of IT security controls;
• report to the company's Risk Officer and Risk Committee;
• stay up to date on security technology, industry practices, and relevant regulation;
• track risk issues;
• review security posture of partners and suppliers;
• maintain relevant personal certifications.

‍

Key requirements

To be successful in this role, the IT Risk officer must have

• a solid IT education, university degree;
• solid knowledge of IT security concepts and mechanisms, including

             - access control mechanisms

              - PKI

              - encryption

              - digital signatures

              - logging, monitoring, alerting

              - secret management

              - key management

• practical knowledge of key technological components used at HQLA-X (Azure, Unix, MacOS, Azure AD, JVM, message brokers, REST APIs)
• practical experience with the implementation of IT Risk/Security frameworks such as SOC 2 Type, ISO 27001, NIST Cyber Security, etc.
• experience with threat modelling and threat modelling methodologies (e.g., STRIDE)
• good communication skills (calls, reports, etc.);
• good organizational skills (carefully tracks issues, remediation, etc.).

‍

Nice to have

Ideally, the IT Risk officer will have

• blockchain knowledge;
• relevant certifications (e.g., CISSP);
• experience as an IT risk/security auditor in the financial industry.

‍

More information on HQLAᵡ is available here: www.hqla-x.com

‍Interested in this role? Please apply in English at careers@hqla-x.com

HQLA^X is committed to building a diverse team. We encourage candidates of all different backgrounds and identities to apply.