Risk & Control Manager
5 dni temu
Division: CISO
Euroclear is a global critical financial market infrastructure company.
Strong IT Risk Management and Security are at the core of the company's services, firmly embedded in their management systems and processes.
The Control Management team is part of the Cyber Information Security Office Division and is in charge of driving the definition and implementation of the control framework addressing the key IT and Security risks and ensuring compliance to all regulations and external requirements applicable to the Technology organization of the group.
Role
This role is focusing on the IT control framework, covering all key IT and Security domains including Identity & Access Management, Vulnerability Management, Security Monitoring and Incident Management, Platform, Network, Application Security, IT Change Management, IT Resilience, Backup and Restore, among others.
The Euroclear control framework is built upon industry standards and is implemented within the ServiceNow GRC platform. You will contribute to design, co-create and roll out effective controls addressing key risks and regulatory requirements across all security domains, advising Control Owners and IT and Security management. By promoting and implementing controls you will help to improve the risk culture and control maturity in IT. You will work closely with process owners, control owners and performers across IT and Security divisions and locations, as well as liaise with second and third lines of defence (Risk Management and Internal Audit).
You have a strong risk mind-set, are a good relationship builder and want to play a critical role in the IT and Security Risk transformation and change roadmap. Proficient (oral and written) communication as well as influencing are part of your main skills.
Requirements
- University Master's degree or equivalent experience (education in computer science, engineering or cybersecurity is a plus)
- 5+ years field experience in the IT risk and controls management, preferably in large/enterprise multi-platform-based IT environments
- Good knowledge of the key principles of the Information Security Management Systems and various Technology Domains such as Identity and Access Management, Network Security, Vulnerability Management, Endpoint Security, Data Protection, Security Incident Management, IT Change Management, IT Resilience, Backup and Restore
- Certifications in security such as CISSP, CISM, GIAC is a key advantage
- A good understanding and experience with ServiceNow GRC or equivalent solution is a strong asset
- Proficient knowledge of English (verbal, writing, presentation)
Soft skills
- You possess a strong risk and control attitude; your thoroughness ensures consistently high-quality work.
- You have good communication skills, whether on the field, in the team or with management: you are a great teammate and coordinate work amongst people from different areas or divisions. A good relationship builder with diplomacy skills.
- You are a highly motivated self-starter and quick learner, and you can work proactively in an environment with challenging priorities.
- You are analytical and risk oriented. You know how to break down complex situations to address logical links and dependencies. You can distinguish essential information and summarize it accordingly.
- You have the ability to challenge and influence IT and Security experts. You acquire approval of others with good arguments, appropriate influencing methods and personal assertiveness (persuasion), constructively challenging and negotiating at levels up to middle management.
#LI-NS1
-
Senior IT Risk and Control Officer
3 dni temu
Poland SIX Pełny etat 80 000 zł - 150 000 zł rocznieSIX drives the transformation of financial markets.What sets us apart drives us ahead: between local roots and global relevance, we are a unique blend of tradition and future, of foundation and growth. We value bright minds and inspire them to grow with their ideas. Come and shape the future of finance with us. Senior IT Risk and Control Officer Warsaw...
-
AI Risk Manager
7 dni temu
Poland - Warsaw - HQ UniCredit Pełny etat 60 000 € - 120 000 € rocznieWhat we do? Aion Bank is a fully regulated European bank and credit institution, combining Vodeno's cutting-edge, private blockchain-based platform with its ECB banking license, strong balance sheet, and deep regulatory expertise. Our mission is to provide a comprehensive suite of embedded banking solutions, enabling businesses to seamlessly integrate...
-
IAM Senior Risk Analyst
7 dni temu
Poland Euroclear Pełny etat 45 000 zł - 65 000 zł rocznieDescriptionAn Identity and Access Management (IAM) Senior Risk Analyst is responsible for identifying, assessing, and mitigating risks related to Identity and Access Management across the organisation. The Senior Analyst acts as a subject matter expert, collaborating with IT, security, compliance, and business stakeholders to drive continuous improvement in...
-
Operational Risk Manager
5 dni temu
Poland - Warsaw - HQ UniCredit Pełny etat 80 000 zł - 120 000 zł rocznieWhat we do? Aion Bank is a fully regulated European bank and credit institution, combining Vodeno's cutting-edge, private blockchain-based platform with its ECB banking license, strong balance sheet, and deep regulatory expertise. Our mission is to provide a comprehensive suite of embedded banking solutions, enabling businesses to seamlessly integrate...
-
Data Privacy Risk Manager
7 dni temu
Poland - Warsaw - HQ UniCredit Pełny etat 80 000 zł - 150 000 zł rocznieWhat we do? Aion Bank is a fully regulated European bank and credit institution, combining Vodeno's cutting-edge, private blockchain-based platform with its ECB banking license, strong balance sheet, and deep regulatory expertise. Our mission is to provide a comprehensive suite of embedded banking solutions, enabling businesses to seamlessly integrate...
-
Senior Cybersecurity Risk
5 dni temu
Poland Euroclear Pełny etat 90 000 zł - 120 000 zł rocznieDescriptionDivision: CISOEuroclear is a global critical financial infrastructure company. Security is at the core of the company's services, firmly embedded in their management systems and processes. Our Tribe provides impact analysis, security risk assessment, security requirements, design validation for all IT projects in Euroclear, regular security...
-
Cybersecurity Risk
5 dni temu
Poland Euroclear Pełny etat 40 000 zł - 55 000 zł rocznieDescriptionDivision: CISOAs part of Euroclear's Cybersecurity Risk and Governance team within the CISO division, you will play a key role in securing the development and maintenance of our critical infrastructure. Your mission is to help embed cybersecurity controls across IT projects and services, ensuring compliance with internal policies and external...
-
Senior Third Party Security Manager
5 dni temu
Poland Euroclear Pełny etat 90 000 zł - 120 000 zł rocznieDescriptionSenior Third Party Security Manager, Band 6 Division: CISOAbout the Role: We are seeking a dynamic and experienced Third Party Security Manager to join the IT Risk tribe. In this role, you will be responsible for internal coordination of Third Party Security assessments for all external Third Parties including Merger and Acquisition initiatives...
-
Risk Analyst
7 dni temu
London, England, United Kingdom / Warsaw, Mazowieckie, Poland capital Pełny etat 40 000 zł - 60 000 zł rocznieWe are a leading trading platform that is ambitiously expanding to the four corners of the globe. Our top-rated products have won prestigious industry awards for their cutting-edge technology and seamless client experience. We deliver only the best, so we are always in search of the best people to join our ever-growing talented team. We are a leading...
-
Poland Infosys Pełny etat 40 000 zł - 80 000 zł rocznieCurrently we are looking for a candidate for the position of:Senior Associate Consultant in Control & Compliance Location: Lodz - hybrid or remoteResponsibilities:Ensuring sound and effective internal controls (F&A, ITGC) are in place across processesEstablishing control scope for transitioned processes/unitsDeploying internal controls for migrating...
