- OVERVIEW OF OPPORTUNITY
The Information Technology Risk Officer will support DegroofPetercam IT-Risk team and serve as the main point of contact to manage risks and red flag assessments for IT related initiatives and projects.
He will manage our technology risk appetite process and provide support for our Enterprise Technology Risk Reporting process.
The individual will also assist with risk reporting for the IT Risk Management & Information Security team and define requirements for additional risk reporting and oversight capabilities inline with the Operational Risk Management team.
- Serve as the chief point of contact for our Technology Risk Management & Information Security team.
- Provide support for assessing risks in technology related initiatives with risks and red flags identified during defined intake procedures.
- Assist in the definition of new metrics monitor Key Risk Indicators (KRIs) against DegroofPetercam technology risk appetite.
- Prepare the first line Risk report and track actions to reduce technology risk.
- Assist with the Technology Risk reporting operations, including scheduling key monthly meetings, monitoring key milestones, escalation of past due activities, problem triage and management, and archiving key monthly artifacts for audit purposes.
- Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for specific area.
- Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
- Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
- Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
- Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.
- Experience in a highly regulated environment, specific experience with financials sectors
- Experience with European regulatory requirements (ECB, EBA, NBB, CSSF, …)
- Advanced knowledge in industry frameworks and standards (NIST, ITIL, ISO27xxx, SANS CIS20, …)
- Financial Services industry experience is an asset
- Expert knowledge of IT security and risk disciplines and practices
- Advanced knowledge of organization, technology controls, security and risk issues
- Demonstrated ability to participate in complex, comprehensive or large projects and initiatives
- Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors
- 5 + years of relevant experience
- Information Security Certification (CRISC, COBIT, CISM, CISSP) or similar knowledge
- Experience with Key Risk Indicators and Technology Risk reporting preferred
- Soft skills:
- Flexible and detail-oriented
- Stress resistant
- Able to set clear priorities and meet the deadlines
- Can take a position and defend his opinion
- Education: University – Bachelor’s Degree/3-4 Year Degree – equivalent
- OUR OFFER
By working for our group, you will join a Belgian bank of a human size where personal contacts prevail. As from the start, you work with colleagues from various business lines and have direct impact on our private, institutional or corporate clients. We strongly invest in the development of your talent by offering you a variety of in-house finance-specialized and management training as well as external programs. Looking for a long term relationship not only with our clients but also with you as employee, we offer you an attractive salary package, including a performance related bonus, extra-legal benefits, and a variety of in-house finance-specialized and management training as well as external programs.
If interested, please apply at IT Risk Officer (indeed.com)