Senior Information Security Risk Analyst

About the Company

We’re the world’s leading provider of secure financial messaging services, headquartered in Belgium. We move value across borders, cities, and continents with scale, precision, and trust.

Cyber Risk / Information Security Risk Specialist – Member of the Information Security Governance team supporting SWIFT Global Security GRC practices.

• Support information security risk assessments across business initiatives, technologies, and third‑party engagements, ensuring confidentiality, integrity, and availability risks are identified, assessed, and documented.
• Maintain and continuously improve the security risk management framework, including methodologies, policies, standards, and supporting documentation.
• Coordinate monitoring, reporting, and escalation of security risks, including managing the Security Risk Registry and supporting risk review and decision forums.
• Partner with stakeholders across Technology, Business, and Security teams to ensure consistent risk treatment, risk acceptance, and remediation tracking in line with risk appetite.
• Contribute to security governance activities, preparing management and committee reporting, metrics, and risk insights for senior stakeholders.
• Support compliance with regulatory, oversight, and audit expectations by providing clear evidence of effective information security risk management.
• Promote risk awareness and security‑by‑design by advising on controls, design decisions, and risk trade‑offs throughout the lifecycle of projects, products, and services.
• Act as a trusted subject‑matter expert on cyber and information security risk, continuously tracking emerging threats, control gaps, and best practices.

You will work closely with business units, risk department teams, technology teams, and other units in a diverse, collaborative environment. You will apply analytical skills and data‑driven insights to prioritize risks and drive meaningful change within SWIFT’s highly secure financial ecosystem.

• Broad knowledge of cyber security concepts including cryptography, authentication and authorization, access control, secure architectures, threat modeling, vulnerabilities, and software security.
• Strong knowledge of regulatory requirements such as GDPR, ISO
  27001, PCI‑DSS and experience in regulatory reporting.
• 3–5 years of experience in GRC and/or security risk management.
• Bachelor’s degree in computer science, cyber security, or a related discipline.
• Excellent interpersonal and communication skills for both technical and non‑technical audiences.
• Good analytical skills to translate complex GRC activities into clear and actionable insights.

• Relevant security certifications (e.g. CRISC, CISA, CISSP).
• Experience working for financial institutions or other critical infrastructures.
• Experience working within global organizations with offices around the world.
• Prior consulting or service‑oriented experience for internal and external customers.

• Autonomous, driven, with strong ability to quickly adapt and respond to change.
• Customer‑oriented and quality‑mindset – consistently delivering true customer value.
• Open‑minded, solutions‑oriented, and a true team player – gaining energy through collaboration.
• Fluent in English (spoken and written).

We foster a diverse and inclusive environment where every voice counts, encouraging personal growth and the application of innovative ideas. Employees have opportunities to advance careers across departments and disciplines worldwide.

We are committed to an inclusive and accessible recruitment process. If you require a reasonable accommodation related to accessibility during your application or interview, please contact accessibility‑ All requests are confidential and will not affect your candidacy.