IT Risk Advisor
Employee | Risk Management | Professional | Slovakia | Bratislava | 2023-11-20 | REQ-10059738
We are looking for an IT Risk advisor to complement the Information Risk Management (IRM) team of ING Hubs Slovakia in Bratislava. As a strategic partner of the global ING Bank, ING Hubs Slovakia is delivering key services to Bank’s clients which are branches and subsidiaries.
As IT Risk advisor you will contribute to the programs, projects and safe run of the ING organization within the Non Financial Risk (NFR) and specifically Information Risk Management (Information (Technology) Risk and Continuity Risks mainly).
You will challenge, advise and support the identification, analysis and mitigation by first line of defense/business of non financial risks to maintain the acceptable levels which are proportionate to its value and criticality.
You will raise the NFR awareness throughout units of our internal business partners and check that the first line of defense/business is complying with the risk appetite and escalate where necessary. You will closely cooperate with colleagues in other countries of ING´s presence and with Corporate Information Risk management domain located in Amsterdam.
As an IT Risk Advisor your role is to:
- Execute 2nd Line of Defense Risk management
- Challenge risk management execution and control processes and take corrective actions if necessary (escalation). Coordinate the reporting of risks and controls by the first line of defense (business) regarding designated business processes.
- Information and Business Advice
- Provide specialist advice on the interpretation and applicability of policies and procedures, resolve queries and issues and refer complex issues towards internal business partners related to information security.
- Contribute to execution of various Business Impact Assessments, Risk Assessments or detailed IT Risk Assessments
- Participate in Projects and Program Risks and Issues Management
- Identify and evaluate risks, issues, dependencies, and constraints associated with the projects and within business as usual situation, escalate where appropriate. Where necessary, contribute to developing, agree on, and participate on implementation of solutions to overcome these.
- Challenge the first line of defense and periodically report upon the risks related to Information (Technology) Risks and Continuity Risks.
- Perform specific second line reviews (e.g. spot checks – reviewing the implementation and effectiveness of IT controls for (Business) applications and relevant entity controls
- Contribute to the development and maintenance of a risk awareness related to your scope within the organization
- Risk Monitoring: Execute Second Line Monitoring activities (review and challenge) within Key Control Testing and Quality Assurance activities related to IT assets
- You are energetic, self-motivated professional who already possesses relevant skills and is eager to learn and develop further
- You are focused, self-driven and result oriented with ability to think structurally and analytically – both in broad sense but also with attention to detail
- You have sound judgement and can defend your opinion
- You are the advisor, who can provide risk management activities related to business applications, IT processes, databases and infrastructure to support and challenge the work of others
- You possess collaboration skills and ability to work across domains and geographies
- You can be firm when needed and flexible where possible. You know how to earn trust and respect of both colleagues and management
- You are fluent in English, both written and spoken
- You want to work with teammates, global stakeholders, (internal) business partners and various corporate departments
- 2+ years of previous experience in IT Risk management, IT Security or IT audit (financial institutions are plus)
- IT education oriented (on security is a plus)
- Knowledge of IT and IT Security related methodologies and frameworks (COBIT, ISO2700x, etc.) is preferred
- International certifications for Information (Technology) Risk Management (e.g. ISC2, ISACA accreditations) are considered as advantage
From 2720 EUR/month
*By legal requirement we are providing the information about the basic wage component (minimum salary) for the advertised position. Based on your experience/profile, the final financial conditions will be the subject to discuss and negotiate at the personal interview, however, not less than above mentioned minimum salary component.