IT Risk Specialist in Business Risk and Controls

Area

In IT Business Risk & Controls our focus is squarely on identifying, quantifying, and cost-effectively treating risk.

The Group is exposed to risks relating to the security of assets and people. These risks are defined as “Security Risks”. Systematic and coordinated management of Security Risk is essential for meeting the Group Entity’s strategy, for protecting the interests of the Group Entity’s customers and stakeholders, and for meeting regulatory requirements.

We are adopting an agile way of working in collaboration with partners in the business and second-line functions, and designing data-driven risk initiatives to standardize the management and reporting of risks and controls across the bank.

Our department has the mandate to design, implement, train on, and monitor the governance that ensures the confidentiality, integrity, and availability of IT assets in the group, including third parties.

We have around 40 colleagues spread across 3 locations in Denmark, India, and Lithuania.

Mission

  • You will maintain the IT Risk Register in ServiceNow and set requirements for functionality enhancements.
  • You will work in all IT Risk Management lifecycle stages, supporting IT asset owners in validating documented risks and enabling them to take risk-based decisions (e.g. supporting risk owners with identified ad-hoc risks).
  • You will be responsible for reporting the IT risk posture and risk treatment status to stakeholders and higher management.
  • You will occasionally work on process-related documentation (e.g. instructions, SOPs, etc.).
  • In addition, you may be involved in Security Healthcheck assessments or in the deep-dive controls validation process.

Skills

  • 2-3 years’ experience in IT security, IT risk and control, or equivalent (e.g. risk management, controls management experience).
  • Working familiarity with the ISF Standard of Good Practice, NIST CSF.
  • Security control assessments on services, applications, infrastructure components, etc.
  • Risk treatment decision support.
  • An understanding of quantitative Risk Assessment Methodology.
  • GRC (Governance Risk Compliance) tooling (preferably ServiceNow).
  • Business level fluency in spoken and written English.
  • Approachable, pragmatic, and smart worker.
  • You’re a curious self-starter who is eager to collaborate with others, and it’s easy for you to adapt to different situations and make things happen.

We offer:

We will ensure that the exact salary offered to you is based on your qualifications, competencies, professional experience and the requirements of the corresponding job function (salary range from 2240 EUR to 3360 EUR gross per month).

We care about your well-being and work-life balance, so we also offer a whole package of benefits.

Your title in the job contract will be Officer - Business Risk & Controls.