Job Summary: 

• Manage ongoing security projects across the company
• Design and implement a security training program for all employees
• Manage compliance metrics with security frameworks
• Coordinate compliance with regulatory frameworks, including DFARS and CMMC
• Facilitate revisions and communication of the IT Policy
• Establish an IT risk management program
• Coordinate cyber resilience planning and drills
• Participation in key company initiatives to ensure security risks are being identified and addressed
• Compile business-relevant metrics to measure the effectiveness of security programs
• Prepare and present regular updates on IT security and the organization’s cybersecurity maturity level for senior company leadership

Skills on Resume: 

• Project Management (Hard Skills)
• Security Training (Hard Skills)
• Compliance Management (Hard Skills)
• Regulatory Knowledge (Hard Skills)
• Policy Development (Hard Skills)
• Risk Management (Hard Skills)
• Cyber Resilience (Hard Skills)
• Communication (Soft Skills)

Job Summary: 

• Incident response, investigations, and reporting
• Coordinate external security assessments and audits with the appropriate department or manager
• Responsible for the vendor risk management process
• Lead the Vulnerability Management and its process, tools and metrics
• Ensure adherence to SOC 2 and other generally accepted IT security and control practices throughout the IT landscape
• Ensuring the efficient Operational Risk management practices within Baltic IT, including New Product Approval Process, incident management, key risk indicators, internal controls and business continuity management within Baltic IT
• Work with IT risk assessments within the Baltic IT area
• Coordinate and consult on the compliance matters within the Baltic IT organisation
• Continuous collaboration with various stakeholders in the Baltic IT, Risk Oversight, Compliance, Internal Audit and Risk Management locally as well as SEB Group functions

Skills on Resume: 

• Incident Response (Hard Skills)
• Security Audits (Hard Skills)
• Vendor Management (Hard Skills)
• Vulnerability Management (Hard Skills)
• SOC2 Compliance (Hard Skills)
• Operational Risk (Hard Skills)
• Risk Assessment (Hard Skills)
• Stakeholder Collaboration (Soft Skills)

Job Summary: 

• Improve the Information Security Risk Governance frameworks, support yearly maturing and gap assessments
• Scope and prioritize proposed IT projects generated from the Risk Management program’s internal assessments
• Manage the Information Security Risk Register, tracking and regularly reporting status on the documentation and treatment of identified risks within the register
• Facilitate and manage third-party and supply chain risk assessment and treatment
• Conduct internal reviews against Customer Compliance requirements
• Support projects throughout the enterprise by identifying information risks and potential solutions
• Review, update, and track action plans for identified risks and treatment plans within the established governance process involving business, audit, legal, and IT stakeholders
• Conduct assessments with business partners to understand data protection challenges and opportunities for program improvements
• Implement Data Protection policies in related technologies, execute response processes for events discovered in Data Protection technologies
• Conduct reviews of requested exceptions to policy
• Identify opportunities for automation and process improvement and implement appropriate improvements
• Implement and facilitate an information security risk acceptance process

Skills on Resume: 

• Risk Governance (Hard Skills)
• Project Prioritization (Hard Skills)
• Risk Register Management (Hard Skills)
• Third-Party Risk (Hard Skills)
• Compliance Review (Hard Skills)
• Data Protection (Hard Skills)
• Process Improvement (Hard Skills)
• Cross-Functional Collaboration (Soft Skills)

Job Summary: 

• Building effective working relationships with IT risk management, Security, IT Operations, and Development functions
• Provide independent ongoing monitoring and assessment of IT risk management
• Support implementation of new risk policies, practices, appetites and solutions to ensure holistic understanding and management of risks according to industry best practice
• Leveraging knowledge of IT organization processes and business functions to provide an independent assessment
• Review and challenge of IT’s risk management processes, including identification, assessment, aggregation and documentation of risks and controls, including risks associated with new or modified products, services, distribution channels, regulations and third-party operations
• Performing independent assessments of risk management processes in key IT areas such as Business Continuity (BCM), Security, Data Governance and Privacy
• Assisting ERM managers and staff in preparing for and responding to internal audits and regulatory exams and providing input to management response and remediation efforts
• Working with other risk functions to develop and implement controls that mitigate risks
• Communicating results of risk assessments to ERM and ORM management, governance committees, business process owners and various levels of leadership

Skills on Resume: 

• Relationship Building (Soft Skills)
• Risk Monitoring (Hard Skills)
• Policy Implementation (Hard Skills)
• Process Assessment (Hard Skills)
• Risk Review (Hard Skills)
• Business Continuity (Hard Skills)
• Audit Preparation (Hard Skills)
• Risk Communication (Soft Skills)

Job Summary: 

• Measure process or control risk to inform business/product and program-level risk assessment
• Recommendations to the related team on opportunities for risk mitigation based on established risk tolerance
• Provide subject matter expertise on Info security of the risk management framework
• Establish IT risk governance (based on Regulations)
• Credibility and maintain strong working relationships with technical and non-technical teams involved with information security matters (Legal, Business, Product Fraud, Security, Networking, Systems, etc.)
• Establish innovative metrics and regular reporting mechanisms for the measurement of risk activity
• Support ad-hoc data analysis
• Develop and execute communication and marketing strategies to promote a culture of risk management
• Drive continued operational and automation improvements to improve operational efficiency

Skills on Resume: 

• Risk Assessment (Hard Skills)
• Risk Mitigation (Hard Skills)
• Security Expertise (Hard Skills)
• IT Governance (Hard Skills)
• Stakeholder Relations (Soft Skills)
• Risk Metrics (Hard Skills)
• Data Analysis (Hard Skills)
• Process Improvement (Hard Skills)

Job Summary: 

• Implement and maintain the Capita risk management framework within TSS
• Create and maintain a risk management plan for appropriate business units to support the delivery of business objectives
• Agree and support senior management in the delivery and monitoring of risk reduction actions
• Develop and maintain appropriate documentation to support the delivery of effective risk management
• Monthly reporting to senior management on the progress of risk management
• Highlight new and emerging risks and mitigations, focusing on the progress of risk reduction actions
• Support for external certification processes, e.g., ISO 27001
• Ensure output of both internal and external audit and surveillance programmes is fully captured within the risk profile
• Facilitate (IT) Risk and Control Self Assessments and advise on the assessments conducted in the Business Units
• Work closely with the Senior Operational IT Risk Manager on IT-related risk matters
• Contribute to the further development of the Operational Risk discipline within Triodos Bank by developing and improving operational risk management processes
• Provide guidance and advice on the setup of and measuring of effectiveness of key controls
• Advise business units, staff and management (up front) regarding operational risks within new or improved processes or products
• Maintain and extend relations with the ORM community and head office departments

Skills on Resume: 

• Risk Framework (Hard Skills)
• Risk Planning (Hard Skills)
• Risk Reduction (Hard Skills)
• Documentation Management (Hard Skills)
• Audit Compliance (Hard Skills)
• Risk Assessment (Hard Skills)
• Operational Risk (Hard Skills)
• Advisory (Soft Skills)

Job Summary: 

• Engage and partner with stakeholders, internal partners, and peers associated with the development of the enterprise risk program
• Identify and support opportunities related to the development and rollout of the IT risk program
• Determine appropriate tactics and actions to support the IT risk management program rollout
• Interpret company policies, procedures, and applicability of security risk frameworks for key functions within the scope of the risk program
• Support the Security Assurance Director with the risk reporting process, escalation of risk appetite, remediation plans, timely remediation, and gathering of data to support key risk metrics
• Support business partners in reviewing mitigating activities related to risk to ensure these are properly tracked, reported or escalated
• Support strategic risk reporting on the state of mitigating initiatives or action plans for key stakeholders
• Demonstrate sound judgment in a variety of situations, is highly analytical, and knowledgeable of risk management disciplines
• Support oversight of IT risk policy, framework formulation, program development, of comprehensive IT risk and associated enterprise risks
• Support the Security Assurance Director in program activities to ensure these are properly and timely rolled and in line with the Assurance Risk Management Program framework
• Support the development of applicable procedures to support the Enterprise Risk Management Policy
• Support and develop tactical solutions to facilitate the IT risk program rollout
• Become familiar with functional risk programs and or business areas within the organization as they relate to Information Security, Third Party, Business Continuity, and Compliance
• Build relationships with management and risk partners to consult on risk-related topics
• Manage relationships and foster a collaborative team environment
• Collaborate across a large organization and multitask to support the risk program

Skills on Resume: 

• Stakeholder Engagement (Soft Skills)
• Program Development (Hard Skills)
• Risk Analysis (Hard Skills)
• Policy Interpretation (Hard Skills)
• Risk Reporting (Hard Skills)
• Remediation Management (Hard Skills)
• Collaboration (Soft Skills)
• Strategic Communication (Soft Skills)

Job Summary: 

• Execution of the annual control cycle including validation of performed controls
• Come to a view on the effectiveness of controls
• Identify connections between the different frameworks and ensure efficient implementation
• Collaborate with Risk Managers from the operational risk management process
• Make improvement proposals to improve yourself and the team
• Ensure that the proposed actions resulting from audits are followed up on
• Contribute to the continuous improvement of quality and policy
• Help with the implementation of actions resulting from the audit results

Skills on Resume: 

• Control Validation (Hard Skills)
• Control Effectiveness (Hard Skills)
• Framework Integration (Hard Skills)
• Risk Collaboration (Soft Skills)
• Process Improvement (Hard Skills)
• Audit Follow-up (Hard Skills)
• Quality Enhancement (Hard Skills)
• Team Development (Soft Skills)

Job Summary: 

• Build new and support existing relationships with product owners, technology leads, and other key stakeholders across GT
• Engaging proactively and regularly with product teams
• Acting as a trusted advisor for risk concepts and guiding the product teams through various control partner activities in risk, resiliency, privacy, security, and compliance
• Drive a risk-by-design culture within GT, with a focus on understanding product capabilities and business goals
• Support risk and control design in the first stages of capability development through implementation
• Ensure product technologies and capabilities are fit for the risk appetite of the target audience as well as considering the effect on the global enterprise
• Effectively challenge the assumptions and designs of product teams, pulling in others with domain knowledge
• Partner within IT Operational Risk and with external stakeholder organizations (enterprise risk, corporate due diligence, information security, project/program management, etc.) to ensure risks are identified, assessed, mitigated, communicated, and reported
• Help integrate and optimize GT risk management processes, assisting in the development, implementation, and execution of an IT operational risk governance and support model

Skills on Resume: 

• Stakeholder Management (Soft Skills)
• Team Engagement (Soft Skills)
• Risk Advisory (Hard Skills)
• Risk Culture (Soft Skills)
• Control Design (Hard Skills)
• Risk Assessment (Hard Skills)
• Collaboration (Soft Skills)
• Process Optimization (Hard Skills)

Job Summary: 

• Develop approaches, methods and tools to support the audit practices in achieving its strategic objectives (IT risk assurance and data analytics)
• Identify and assess, in collaboration with relevant AMMEGA stakeholders, areas of specific technology risk exposure to be audited
• Develop a yearly schedule of audit projects to be performed based on business criticality and risk assessment
• Develop bespoke technology audit plans and audit engagement plans in conjunction with internal/external stakeholders
• Deliver IT/IS risk assurance activities in the business, including cyber security and resiliency, data protection and confidentiality, technology change, and technology reliability
• Perform IT audit planning, fieldwork and documentation of work papers in line with departmental policies and technology internal audit standards such as COBIT, IIA
• Partner with the IT and business process owners to recommend new technology solutions and strengthen controls and increase efficiencies via automation, monitoring, and Data Analytics
• Formulate and agree with management the action plans and implementation schedules to address areas for improvement
• Following audit completion, prepare and review internal audit reports promptly
• Actively monitor the timely implementation of Management action plans and report progress every quarter
• Guide, supervise and manage the day-to-day activity of internal/external resources to ensure that appropriate preparation work and documentation work are performed before undertaking an audit, and to review the quality of the audit work performed

Skills on Resume: 

• Audit Planning (Hard Skills)
• Risk Assessment (Hard Skills)
• Technology Auditing (Hard Skills)
• Cyber Assurance (Hard Skills)
• Data Analytics (Hard Skills)
• Process Improvement (Hard Skills)
• Automation Strategy (Hard Skills)
• Team Leadership (Soft Skills)

Job Summary: 

• Identifying and classifying potential risks/threats to the organization’s IT environment
• Develops effective solutions for the management of IT risk 
• Tracking the completion of mitigation activities and projects
• Managing the risk register with regular reporting
• Manages risk and vulnerability assessments of projects, systems and vendors
• Collaborates with the organization’s broader Risk Management and Audit functions both locally and internationally, to effectively manage and mitigate IT risk and security issues
• Suggesting enhancements to existing security products and assisting with the identification of security requirements for new IT systems or projects
• Coordinate ongoing disaster recovery planning and annual testing
• Providing subject matter expert advice on information risk and security best practices
• Lead the design and operation of auditing and compliance monitoring processes, as well as remediation and control improvement activities

Skills on Resume: 

• Risk Identification (Hard Skills)
• Risk Mitigation (Hard Skills)
• Risk Tracking (Hard Skills)
• Vulnerability Assessment (Hard Skills)
• Risk Collaboration (Soft Skills)
• Security Enhancement (Hard Skills)
• Disaster Recovery (Hard Skills)
• Compliance Monitoring (Hard Skills)

Job Summary: 

• Ensure compliance with both internal security policies and applicable legislative, regulatory and contractual obligations and best practice guidelines
• Oversee and perform periodic audit and compliance reviews and provide relevant management reporting
• Provide a central liaison and coordination point for activities and reporting associated with internal and external auditors
• Review and assess existing controls, manage risk mitigation and control improvement programs, and provide relevant management reporting
• Perform application and project risk assessments
• Provide and contribute to the monthly metrics reporting
• Help automate in a GRC tool to augment effectiveness
• Assisting with questionnaire follow-up with business interests
• Assisting with the vendor risk management program 

Skills on Resume: 

• Policy Compliance (Hard Skills)
• Audit Management (Hard Skills)
• Stakeholder Coordination (Soft Skills)
• Control Improvement (Hard Skills)
• Risk Assessment (Hard Skills)
• Metrics Reporting (Hard Skills)
• GRC Automation (Hard Skills)
• Vendor Management (Hard Skills)

Job Summary: 

• Delivering the right signals and insights on the risk and control areas
• Guiding and executing the implementation of new policies and risk frameworks
• Drive execution of the GT technology operational risk assessment strategy and capability across the organization that optimizes vertical alignment and horizontal integration with other interfacing functional strategies
• Assist in the development of, and execute, implement, maintain and optimize an IT operational risk assessment framework and associated processes in place to effectively identify and assess risk with a focus on technology, technology processes, and risk and control self-testing
• Drive execution of IT operational risk assessment activities
• Partner with other stakeholder organizations (enterprise risk, corporate due diligence, information security, project/program management, etc.) to ensure appropriate risks are identified, mitigated, communicated, and reported
• Help integrate and optimize GT assessment processes with key enterprise operational risks
• Develop and monitor the implementation of all relevant second-line Frameworks and Policies in relation to IT Risk
• Review the effectiveness of relevant risk management Frameworks, Policies, Systems, Processes and Tools on an annual basis and execute the communication and embedding of these effectively in the First Line
• Ensure the above Frameworks and Tools facilitate the timely risk identification, assessment, mitigation, monitoring and reporting of IT Risk
• Ensure that the IT Risk priorities are delivered in accordance with Risk Appetite
• Provide insight into and create resolutions and/or policies to existing and emerging risks

Skills on Resume: 

• Risk Insights (Hard Skills)
• Policy Implementation (Hard Skills)
• Operational Strategy (Hard Skills)
• Risk Framework (Hard Skills)
• Risk Assessment (Hard Skills)
• Stakeholder Partnership (Soft Skills)
• Process Integration (Hard Skills)
• Risk Monitoring (Hard Skills)

Job Summary: 

• Provide leadership and management over the audit process, including risk assessment, budgeting, planning, scheduling, executing, and reporting
• Aid in identifying opportunities and developing strategies for entry into new markets and clients
• Lead teams in contributing a broad array of services through the use of leading-edge innovation tools and technology
• Identify and assess the risks associated with related business application processes
• Evaluate the effectiveness of controls to mitigate these risks
• Assess internal controls, monitoring risks and emerging issues
• Recommend enhancements to safeguard assets and ensure compliance with corporate policies and procedures, laws, and regulations
• Identify issues, root causes and make business-focused recommendations to management
• Provide oversight and monitoring to ensure efficiency and effectiveness of the audit team in providing high-quality work and continuous improvement
• Develop rapport with the client's senior management through regular discussions about the business and by effectively communicating results related to audits performed, risks identified, and emerging issues

Skills on Resume: 

• Audit Leadership (Soft Skills)
• Risk Assessment (Hard Skills)
• Strategic Planning (Hard Skills)
• Control Evaluation (Hard Skills)
• Compliance Management (Hard Skills)
• Issue Resolution (Hard Skills)
• Team Oversight (Soft Skills)
• Client Relationship (Soft Skills)

Job Summary: 

• Develop and maintain technology policies, standards, procedures, and guidelines
• Ensure that the policy approval process is followed
• Help maintain Technology’s process inventory and internal control environment inventory
• Act as point of contact for technology-focused external and internal audits and assessments (SOC2, PCI DSS, and others)
• Effectively communicate technology and security-related risks and vulnerabilities
• Validate solutions being implemented are in line with the currently approved policy, in conjunction with the Technology and Security teams
• Act as business-line liaison to Enterprise Risk Management and Operational Risk Management
• Perform control testing of technology controls for correct implementation and operation
• Create, facilitate, and manage risk identification and remediation processes
• Ensure risk remediation plans exist and are sufficient
• Track remediation plans to completion and ensure remediation is on time and sustainable
• Ensure action plans and remediation of issues by the Risk Owner
• Assist Technology teams in driving improvements in confidentiality, integrity, and availability
• Identify and implement process improvement efforts
• Work with process and control owners to better define and implement control performance requirements
• Support the company’s commitment to risk management and protecting the integrity and confidentiality of systems and data

Skills on Resume: 

• Policy Management (Hard Skills)
• Audit Coordination (Hard Skills)
• Risk Communication (Soft Skills)
• Control Testing (Hard Skills)
• Risk Remediation (Hard Skills)
• Process Improvement (Hard Skills)
• Security Assurance (Hard Skills)
• Stakeholder Liaison (Soft Skills)

Job Summary: 

• Engage closely with the Risk Governance team to establish appropriate risk appetite metrics, KRIs, and other monitoring to ensure Risk Tolerances are appropriately monitored in the entities
• Implement detailed, data-driven narratives to inform Management of risk profiles related to a variety of IT Risk and Security topics
• Provide risk position and challenge on new products, changes, and risk remediation efforts
• Apply expert risk-based guidance on adherence to Information Technology and Cybersecurity risk-related regulations from the CSSF, FCA and other applicable regulatory bodies
• Build and maintain relationships with key business and operational stakeholders, serving as a credible challenger regarding Amazon Payments Information Technology and Cybersecurity Risk treatment
• Defining, building up and maintaining IT Risk Management processes on a Group level
• Cooperation and building an interface (SPOC) between the Risk management function and IT teams within the legal entities in different locations
• Support and coaching for the employees and management in the division CIO/COO with IT Risk management-related matters
• Stakeholder Management, e.g., presenting status to executive boards and business owners, as well as the moderation of meetings on IT Risk management

Skills on Resume: 

• Risk Monitoring (Hard Skills)
• Data Analysis (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Risk Advisory (Hard Skills)
• Stakeholder Management (Soft Skills)
• Process Development (Hard Skills)
• Cross-Functional Coordination (Soft Skills)
• Executive Communication (Soft Skills)

Job Summary: 

• Identify, assess, prioritize and report on material risks for IT and aligned business areas
• Working with various Risk Advisors across the organization
• Perform Risk Assessments and maintain IT Profiles for IT environments of relevant business lines as agreed with Operational Risk Management
• Assess the IT risk of new and existing third-party vendors in conjunction with Third Party Risk Management
• Assist contract owners with outstanding due diligence items for IT third-party contracts
• Partner with other risk groups to assess, implement and communicate new/updated risk controls, frameworks, policies, risk indicators, metrics and limits
• Act as SME to IT Stakeholders about IT best practices, regulatory obligations, and governance requirements
• Determine and propose action plans for key regulatory, operational or vendor risks
• Review Self-Identified Issue closure requirements
• Work with IT Owners and enterprise Regulatory Compliance Management (eRCM) to ensure the controls inventory is accurate and captures any impact of new regulations
• Provide guidance and oversight for regional counterparts 
• Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions

Skills on Resume: 

• Risk Identification (Hard Skills)
• Risk Assessment (Hard Skills)
• Vendor Evaluation (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Policy Implementation (Hard Skills)
• Subject Expertise (Hard Skills)
• Action Planning (Hard Skills)
• Stakeholder Guidance (Soft Skills)

Job Summary: 

• Supporting the development and implementation of a robust IT Risk Management framework
• Identifying gaps between the current and the desired state of implementation of IT Risk controls
• Supporting, coordinating, and monitoring the remediation of identified risk and control gaps
• Ensuring that IT risks are identified, assessed and mitigated in the context of changes and projects (e.g., new products, assets, 3rd parties service providers, processes, etc.)
• Coordinating external and internal audits in relation to IT risk
• Building the awareness of Lendico staff in IT risk by conducting training and providing subject matter expert guidance
• Contributing to other ad hoc Non-Financial Risk activities and providing support to NFR team mates as advised by the Head of Non-Financial Risk
• Implementing a group-wide IT-Risk Governance Methodology including corresponding group guidelines
• Preparing reports and KPIs in connection to prevent/minimize IT-related risks (incl. cyber risks as well as internal or external threats)
• Training and supporting VIG subsidiaries to perform the IT-Risk assessments
• Collaborating with local IT-Risk SPoCs
• Establishing reviews and verifying IT-Risk documentation of the IT landscape (VIG Holding and VIG international systems)
• Ensuring appropriate IT-Risk Management documentation of the Group in connection with IT Continuity Planning
• Administering of group-wide tool (Risk2value) for monitoring proper management of IT-Risks at the subsidiary level to ensure that material IT-Risk issues are being appropriately addressed, maintained and mitigated
• Collaborating with the Group Enterprise Risk Management

Skills on Resume: 

• Risk Framework (Hard Skills)
• Gap Analysis (Hard Skills)
• Risk Remediation (Hard Skills)
• Audit Coordination (Hard Skills)
• Training Delivery (Soft Skills)
• Governance Implementation (Hard Skills)
• Reporting Metrics (Hard Skills)
• Cross-Functional Collaboration (Soft Skills)

Job Summary: 

• Drive discussion with the business and other stakeholders on the process for technology risk review
• Take part in awareness campaigns - digital and otherwise
• Communicate and inform business requesters on IT risk assessment requirements and processes
• Obtain feedback on potential changes to the risk assessment process from business units
• Gain awareness of new and emerging technologies being deployed and ensure risk assessment processes are appropriately applied
• Lead and support the onboarding of technology solutions by collaborating with and communicating the requirements of the program to business teams as well as internal stakeholders
• Assist business teams with planning the completion of the required documents to improve the quality for internal stakeholder consultation
• Project manage multiple reviews and keep the technology risk management informed of progress
• Effectively leverage ServiceNow process workflow to record, track and monitor multiple concurrent requests and submissions
• Manage and report status to the lead partner every week
• Troubleshoot where risk assessment processes are lagging and develop, recommend and deploy effective solutions to resolve (including making more effective use of Service Now)
• Perform a general risk review of technology Quality Risk Management submissions by business units and highlight any significant risks
• Identify where potential solutions present potential risks in the following areas
• Work collaboratively with stakeholders who require involvement in reviewing each risk to monitor and assist in their consultations
• Present significant risks or complex findings to technology risk management for resolution
• Draft risk summaries and present to technology risk management for review and approval
• Assist in responding to internal Global Quality Management assessments related to the Technology Risk Management area
• Manage the technology risk document repository

Skills on Resume: 

• Risk Communication (Soft Skills)
• Awareness Campaigns (Soft Skills)
• Technology Assessment (Hard Skills)
• Stakeholder Collaboration (Soft Skills)
• Project Management (Hard Skills)
• Process Improvement (Hard Skills)
• Risk Reporting (Hard Skills)
• Documentation Management (Hard Skills)

Job Summary: 

• Drive Sr. Mgmt. awareness and engagement around operational risk identification and mitigation and accountability for compliance
• Decide when dispensations or risk acceptances are required and drive the adoption of workflow processes
• Provide expertise and guidance on regulatory requirements for the area of responsibility
• Drive business awareness of appropriate policies and controls and required compliance
• Drive the implementation of IT Risk TOM and the service catalogue
• Manage relationship with CIOs / Heads of IT
• Drive Audit and regulatory planning and execution
• Liaison with 2nd and 3rd line of defense including IT Security, Operational Risk, Compliance, ISR, Audit, etc
• Risk point of contact for the Regional Head of IT Risk / IT Teams

Skills on Resume: 

• Risk Awareness (Soft Skills)
• Regulatory Expertise (Hard Skills)
• Policy Compliance (Hard Skills)
• IT Governance (Hard Skills)
• Stakeholder Management (Soft Skills)
• Audit Planning (Hard Skills)
• Cross-Functional Liaison (Soft Skills)
• Risk Leadership (Soft Skills)

Job Summary: 

• Oversee key aspects of technology risk management activities as an independent risk advisor by enforcing the Firmwide IT Risk Management Framework (ITRMF) and Legal Entity (LE) specific regulatory requirements
• Monitor and act as an independent advisory role to assist the CIO on the responses to regulatory inquiries/inspections/audits
• Work on supporting global technology risk assessment programs and help define local requirements
• Jointly work with functional risk officers on assessment of IT risk exposures, conducting self-assessment and data analysis 
• Help identify technology-related risks and exceptions, and subsequently monitor, track, and manage them
• Support the implementation and maintenance of technology policies and standards
• Enforcing compliance with standard technology risk posture
• Represent technology risk at the local industry-wide technology risk forums
• Provide technology risk updates to the CIO and work as the secretary to the tech risk governance committee

Skills on Resume: 

• Risk Advisory (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Risk Assessment (Hard Skills)
• Data Analysis (Hard Skills)
• Risk Monitoring (Hard Skills)
• Policy Enforcement (Hard Skills)
• Governance Reporting (Hard Skills)
• Stakeholder Communication (Soft Skills)

Job Summary: 

• Devise invaluable strategies and improve the financial and operational health of an organisation
• Leverage of industry expertise within digital security functions
• Engage with all senior management, executive-level and other stakeholders
• Training of management to fulfil corporate missions and suggest technical solutions
• Formulating resolutions that are backed up with quantitative data
• Providing Risk Management leadership across the Bank’s Information and Technology risks, including Cybersecurity, Data Management and Cloud
• Assisting with determining the IT Risk Program's strategy and areas of focus
• Providing subject-matter expertise, support, monitoring, and challenge on IT risk-related matters
• Performing quarterly and ad hoc IT risk assessments to form and support the Bank’s IT risk profile
• Providing periodic IT risk updates at governance meetings and preparing IT Risk Committee materials
• Understanding and applying internal policies, standards, procedures, laws and applicable regulations
• Assisting with appropriate monitoring mechanisms, including involvement in the IT Risk Intelligence function

Skills on Resume: 

• Strategic Planning (Hard Skills)
• Digital Security (Hard Skills)
• Stakeholder Engagement (Soft Skills)
• Leadership Training (Soft Skills)
• Data-Driven Solutions (Hard Skills)
• Risk Leadership (Soft Skills)
• IT Assessment (Hard Skills)
• Governance Reporting (Hard Skills)

Job Summary: 

• Support the further development and maintenance of the IT Operational Risk Management framework, including the maturity of the IT Control library and the performance of IT risk assessments and enabling Qualcomm’s management to make strategic risk management decisions
• Contribute to the maturation of the IT GRC tool and its alignment with the needs of the IT GRC team
• Work with IT and Business Leadership and IT Service Owners to assist with the identification, assessment, treatment and management of IT Operational risks
• Collaborate closely with the Information Security Risk Management organization to perform integrated IT Risk assessments (IT Operational and Cyber Risk) across the IT organization
• Assist IT teams engaging with Internal Audit initiatives, ensuring adherence to scope, providing visibility, consistency and alignment across the IT organization, and assisting IT teams in responding to audit findings
• Enable Qualcomm regulatory and compliance capabilities, such as ISO, IATF, Sarbanes-Oxley Act, local statutory audits, SOC 1/2, etc.
• Provide consultative risk management services to partners within the IT organization and business partners
• Act as an advisor to team leads in the IT Policy and IT Service Continuity domains
• Produce reports allowing the IT Leadership visibility to the program accomplishments, challenges, upcoming activities, key risks and remediation plans

Skills on Resume: 

• Risk Framework (Hard Skills)
• GRC Management (Hard Skills)
• Risk Assessment (Hard Skills)
• Cross-Functional Collaboration (Soft Skills)
• Audit Support (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Consultative Advisory (Soft Skills)
• Risk Reporting (Hard Skills)

Job Summary: 

• Contributing to the ongoing development of the IT Quality and Risk framework that is applied across easyJet IT
• Analysing IT issues and risk events to understand and educate on potential risks and outcomes of decisions
• Interfacing with technical and non-technical stakeholders within easyJet to build and maintain valuable and productive working relationships and ensure that the benefits of managing IT Quality and Risk to the business are demonstrated
• Supporting the Internal Audit process including understanding and articulation amongst IT stakeholders of key IT risks underlying any resulting actions
• Maintaining Quality and Risk artefacts (e.g., IT Risk Register, Bow Tie Risk Reporting, etc.) to demonstrate the effects of managing IT risk (both via tactical and strategic planning)
• Presenting and explaining the assessment of risk scenarios as well as mapping of capability controls, metrics and measures
• Identify opportunities for quality improvement using the existing framework and controls
• Monitoring IT capability and control requirements and analysing and articulating gaps both within IT, Data, and Change and with other key stakeholders including Corporate Risk and Digital Safety

Skills on Resume: 

• Risk Framework (Hard Skills)
• Risk Analysis (Hard Skills)
• Stakeholder Management (Soft Skills)
• Audit Support (Hard Skills)
• Risk Reporting (Hard Skills)
• Quality Improvement (Hard Skills)
• Control Monitoring (Hard Skills)
• Cross-Department Collaboration (Soft Skills)

Job Summary: 

• Coordinating and supporting activities of NFR in the areas of IT/Information Risk (e.g., Cyber Risk, Business Continuity Risk, Personal and Physical Security and Sourcing)
• Developing, implementing, improving and validating group-wide requirements such as Policies and Minimum Standards to mitigate information risks in line with applicable regulatory requirements
• Creating and validating relevant risk reports for the information of the Board in alignment with the first and second lines of defense
• Providing subject matter expert advice and guidance to relevant stakeholders in Information and IT risk areas and the corresponding regulatory requirements
• Supporting and monitoring the management of information and IT risks related to strategic projects
• Ensuring that IT activities are in line with regulatory requirements and run smoothly in such a way that they can be demonstrated to the internal and external regulators
• Contributing to the confidentiality and integrity of ING's IT products, services, employees and compliance with respect to the outside world
• Identify risks and perform risk management as per the Enterprise Risk Management methodology for the various Risk focus areas within the Information Risk Management (Non-Financial Risk)
• Support and advise management in managing these risks and the in-control process

Skills on Resume: 

• Risk Coordination (Hard Skills)
• Policy Development (Hard Skills)
• Risk Reporting (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Expert Advisory (Soft Skills)
• Project Oversight (Hard Skills)
• Information Security (Hard Skills)
• Risk Management (Hard Skills)

Job Summary: 

• Responsible for developing and maintaining the Information Technology and Data Management risk governance process
• Develop the Program and supporting policy, process, and procedures
• Provide leadership, support, and risk consultation on various IT and Data Governance initiatives
• Use of sound risk-based decision making, experience and judgment in responding to inquiries
• Support regulatory and independent testing liaison activities as related to IT / Data Governance risk programs
• Ensure corporate-wide communication and reporting and foster a consistent culture of compliance and a collaborative environment within the first line of defense for an enterprise-wide and holistic IT/Data Governance program
• Responsible for maintaining the Model Risk Management Program, which includes facilitating model validation, certification, and performance monitoring
• Remain current with IT, Data Management, and Model Risk Management regulatory guidance and industry best practices as well as emerging risks
• Coordinate components of select examinations and audits in accordance with Regulatory Exam Facilitation procedures maintained by Compliance and ensure that all exam and audit needs are met

Skills on Resume: 

• Risk Governance (Hard Skills)
• Program Development (Hard Skills)
• Leadership Support (Soft Skills)
• Risk Consultation (Hard Skills)
• Regulatory Liaison (Hard Skills)
• Compliance Culture (Soft Skills)
• Model Management (Hard Skills)
• Audit Coordination (Hard Skills)

Job Summary: 

• Evaluate potential risks and exposures in Technology, and determine how to effectively minimize those risks and assist in developing procedures that can be implemented
• Working closely with business and/or project owners to influence a strong risk culture
• Participating in risk workshops, providing guidance on risk assessments and strategies, and ensuring risk remediation activities are completed against appropriate timelines
• Support the designated Project in risk management activities (identifying, assessing, mitigating, delivering and managing risks)
• Ensure projects are managed in accordance with the Group Project governance, Risk Management framework and Project Management practice to minimise delivery risk
• Ensure the delivered risk position is identified and transitioned into relevant teams with risk impact and within the risk appetite
• Ensure stakeholders have considered the impact of change on the risk profile and have appropriate actions in place to address the identified implications and their underlying risk profile
• Monitor compliance with the Compliance Risk Management framework and Regulatory standards in project solutions
• Proactively contribute towards delivering quality service delivery through effective alignment with the 3 Lines of Defence Model and Operational Risk Management
• Support Group strategy by assisting the business with the implementation of a risk management framework that strikes the right balance between risk and return within risk appetite and is a key enabler for the achievement of program objectives
• Provide internal stakeholders with practical, risk advice, seeking solutions consistent with the objectives, risk appetite and tolerances and governance frameworks
• Contributing to the management reports for formal governance forums, making sure risks are articulated clearly and the right information gets to the right people for the right decisions to be made
• Provide oversight of risk-related incidents and breaches to validate any first-line assessments and investigate the possibility of systemic issues
• Play an active role regarding controls monitoring and testing and develop monitoring techniques to highlight gaps, drive improvements and escalate 
• Continuous learning to deepen understanding of the business, risk management practices and industry developments

Skills on Resume: 

• Risk Evaluation (Hard Skills)
• Risk Culture (Soft Skills)
• Risk Workshops (Hard Skills)
• Project Support (Hard Skills)
• Compliance Monitoring (Hard Skills)
• Stakeholder Management (Soft Skills)
• Incident Oversight (Hard Skills)
• Control Testing (Hard Skills)

Job Summary: 

• Proactively train, advise and support the DARE central team and local businesses in identifying risks and implementing risk mitigating measures
• Keep track of new, updated and removed Policies and Minimum Standards and take appropriate actions of cascading the message as well as the definition of done
• Initiates and/or facilitates Risk Assessments, Risk Acceptances, Issue Remediation Plans and Closure Memos in cooperation with relevant IT stakeholders
• Monitors and reports progress on identified risks, escalates to IT Lead, IT Risk Head C&G/Tech
• Provides reports to C&G Tech MT on Risk and Security topics
• Reports to other stakeholders (IT Partners, ORM, IRM, CAS, Central Programs, etc.) on Risk and Security topics as desired
• Provides Risk and Security related backlog items (Epics, Features or User Stories) to the Asset Owner/Product Owners through the IT Lead (IT Custodian in the DARE central team)
• Engage with firm-wide risk and control groups, including first and second line of defense risk functions, to develop support for the risk agenda
• Establish best practices and coordinate the implementation of relevant risk management frameworks across several technology-aligned risk teams
• Serve as key stakeholder and sponsor for a portfolio of risk remediation activities, including leading program efforts and driving requirements to delivery teams
• Facilitate cross-disciplinary coordination for risk analysis, remediation scoping, reporting and engagement with stakeholders
• Monitor the appropriateness and completeness of key risk and control metrics within risk tolerance on behalf of the organization

Skills on Resume: 

• Risk Training (Soft Skills)
• Policy Management (Hard Skills)
• Risk Assessment (Hard Skills)
• Risk Reporting (Hard Skills)
• Security Oversight (Hard Skills)
• Framework Implementation (Hard Skills)
• Remediation Leadership (Soft Skills)
• Cross-Functional Coordination (Soft Skills)

Job Summary: 

• Completes annual walkthroughs of IT for the purpose of determining whether control design and performance meet control objectives and are consistent with expected standards
• Facilitates the documentation of business processes, which includes the identification and evaluation of specific control activities
• Consults with the business lines on process changes, ensuring that control design updates are appropriate
• Completes evaluations from a user perspective of Service Organizations and their respective System and Organization Control Reports (SOCR) to confirm that control design is adequate and that reported deviations are addressed
• Reviews and maintains documentation in Archer eGRC with the intent of ensuring it is current, accurate and complete
• Assists with the effective execution of the Bank’s Sarbanes-Oxley Internal Control Assessment Program
• Market share when it comes to IT Governance-related service across the 3 LOD
• Gaining an understanding of the clients' IT applications and infrastructure to determine the effectiveness of the control environment through performing and reviewing process walkthroughs
• Reviewing a detailed analysis of the control environment to gain assurance over the effective operation of controls
• Identifying control weaknesses and any mitigating controls
• Reviewing working papers and supporting evidence in line with internal compliance requirements
• Effectively articulating control findings to key client stakeholders

Skills on Resume: 

• Control Evaluation (Hard Skills)
• Process Documentation (Hard Skills)
• Control Design (Hard Skills)
• SOCR Review (Hard Skills)
• GRC Management (Hard Skills)
• SOX Compliance (Hard Skills)
• Control Analysis (Hard Skills)
• Stakeholder Communication (Soft Skills)

Job Summary: 

• Empower business units to identify, measure and document the most relevant risks on the application, component and data layer continuously
• Improve the current risk methodology and provide a scalable solution to assess IT and cybersecurity risks in Zalando’s technological environment as well as for third parties
• Identify relevant threats, threat actors and attack vectors for the IT environment and use them to make risk estimations and monitoring
• Define methods and metrics to measure business impact to improve the risk estimations
• Approval of Software requests, 3rd party risk assessments, policy exception requests
• Supporting the CRO and Head of Risk as the primary IT risk SME within the 2nd line function
• Supporting the implementation of the technology risk framework for the Group
• Effective stakeholder management across Line 1 and Line 2
• Guide risk and control self-assessments
• Oversight of various IT services and reporting activities
• Guidance on risk maturity uplift opportunities within the technology functions

Skills on Resume: 

• Risk Identification (Hard Skills)
• Methodology Improvement (Hard Skills)
• Threat Analysis (Hard Skills)
• Impact Measurement (Hard Skills)
• Risk Assessment (Hard Skills)
• Framework Implementation (Hard Skills)
• Stakeholder Management (Soft Skills)
• Control Oversight (Hard Skills)