Head of IT Security - Executive Director (m/w/d)
Frankfurt, HE, DE, 60311
SMBC: A trusted partner for the long term
Here at SMBC Group, we want to help you find the next step in your career so read on to discover if this opportunity is the one for you. We like to recognise potential in our people, so we welcome your application even when your experience doesn’t perfectly align with the job description. Whilst we’ll always strive to be better, we’re proud of our inclusive culture, and encourage our applicants and colleagues to be their authentic, unique selves.
Who we are
United by a sense of purpose towards our customers – to be a trusted partner for the long-term – and our universal banking platform in EMEA, SMBC Group has an international growth agenda and award-winning products, meaning we provide exciting opportunities to work on a diverse range of projects and initiatives.
We deliver a full suite of corporate finance products and solutions to our customers as well as investment banking and advisory services, and a range of innovative solutions in global capital markets.
Read on to find out how you could enhance your skills and gain valuable experience, by joining us to support our clients transition to a sustainable future.
Role Summary
Is the next step in your career at SMBC Group EMEA? We’re looking for a Head of IT Security for our ITSD EU department to join our team.
The Head of IT Security SMBC EU AG is responsible for helping to define, implement, and oversee the organisation’s end-to-end information and cyber security strategy, ensuring protection of critical assets, regulatory compliance, and operational resilience.
This role provides leadership across SMBC EU AG ensuring alignment with enterprise risk frameworks and regulatory obligations (e.g. ECB, DORA, NIST, CRI).
The anticipated annual salary range for this role is 102,000 – 154,000 €, with the final offer determined based on the candidate’s skills, experience, role scope, location, and relevant market factors. In addition to base salary, the role may be eligible for a discretionary incentive award and a competitive benefits package, including core benefits such as pension provision.
Business Area
This role supports SMBC EU AG's continued growth and increasing regulatory expectations under ECB supervision.
The Head of IT Security is responsible for maintaining an effective cyber and information security control environment and ensuring compliance with regulatory requirements.
Working closely with the EMEA CISO and key stakeholders, the role oversees security risk management, regulatory engagement, audit activities, and the implementation of EMEA and Group security standards.
Position Description
Accountabilities & Responsibilities
- Work with the EMEA CISO to define and deliver a multi-year IT security strategy aligned to business objectives and regulatory expectations
- Act as the senior authority for cyber security risk across IT and business functions with the EU AG entity.
- Provide local SMBC EU AG executive-level reporting on security posture, risks, and remediation progress.
- Ensure effective identification, assessment, and remediation of security risks relevant to SMBC EU AG
- Drive continuous improvement aligned to industry frameworks (NIST CSF, CRI, ECB)
- Provide assurance that control effectiveness meets audit and regulatory expectations
- Collaborate with wider EMEA and Global SMBC Security teams to manage security risks relevant to SMBC EU AG
- Engage senior stakeholders across IT, Risk, Audit, and business units
- Provide clear communication on risks, incidents, and compliance status
Required Experience & Skills
- Significant leadership experience in IT or cyber security within financial services or regulated industries
- Strong knowledge of:
- Vulnerability management and security operations
- Security frameworks (NIST CSF, ISO 27001, CIS)
- Regulatory environments (Bafin / ECB, DORA, GDPR)
- Experience in audit engagement and regulatory remediation
Qualifications
- Bachelor’s degree in Information Security, IT, or related field (Master’s preferred)
- Relevant certifications such as:
- CISSP, CISM, or CISA
- CRISC or equivalent risk-focused certification
Competencies
What we offer
For all the expertise and experience you bring to help us make a difference, it’s only sustainable if we support you to build your career and be your best self so we offer competitive company benefits, centred around promoting positive well-bring and work-life balance. We also believe in fostering a diverse and inclusive work environment, where all team members perspectives and contributions are valued. Initiatives in place which promote a diverse and inclusive culture and healthy work life balance include hybrid working, Sport & Social Clubs and Diversity and Inclusion networks.
As an employee of SMBC you have access to a host of both useful and exciting benefit offerings. See below some of the benefits on offer to you:
- Hybrid and flexible working
- Competitive paid leave days
- Benefits to support your physical wellbeing, including private medical insurance
- Various policies to support your mental wellbeing, including a robust behavioural health network with counselling and coaching services
- Access a wide range of learning and development opportunities and career progression opportunities
- Ambitious remuneration package
So, if you like a challenge and want to continuously grow and develop in a role where you will be supported along the way by a dynamic and diverse team, apply today!
We recognise our role as a bank to support social change and welcome all applications, including those from groups often under-represented in financial services. We value the uniqueness of professional and personal, backgrounds and perspectives as they play a vital role in continuing the sustainable growth of our organisation. We’ll ensure reasonable adjustments to our recruitment process are offered due to a disability or long-term condition whenever requested.
We are committed to transparent and equitable pay practices. Compensation is determined using objective criteria, including skills, experience, and role responsibilities, and applied consistently throughout our recruitment processes. We do not request candidates' pay history and are committed to preventing unjustified pay disparities.