Deputy Risk Officer (PE-11600)
You will be responsible for the assessment and management of IT and other Operational Risks (including risk control implementation and testing) of daily operations of IT infrastructure, applications, and support function teams located in Budapest and CEE.
As part of a truly global team you will have to work with different teams, learn how to use best practice and support with your strength and knowledge. You will be given the opportunity to work on different projects and processes in an international environment. You will have a functional reporting line to the CEE Local Risk Officer.
The organizational set-up, task management and reporting line is continuously aligned with the Regional Risk Officer (RRO) and with the Chief Risk Officer (CRO), both located in Barcelona, Spain.
• Ensure that the local entity fully complies with the Risk Policy Framework and other relevant policies and regulations; if necessary, adapt to local regulation after pre-alignment with the Regional Risk Officer and/or CRO.
• Coordinate and ensure the regular performance of the Risk & Control Lifecycle: Identify in-scope IT and other Operational Risks, coordinate the risk and control environment effectiveness assessments, identify key controls, plan and perform the control testing, identify and follow-up the mitigation plans
• Ensure the requirements implementation for a compliant Third-Party Risk Management
• Work closely with service owners, experts and management to ensure transparency of the risk profile and management of key risks, and therefore provide assurance that the local entity fully complies with Risk Policy framework
• Prepare and contribute towards reporting to executive meetings (e.g. Risk Committee, Local Management committee, etc.)
• Reporting on occurred operational loss events, control weaknesses, ad hoc stress scenarios and events related to third-party and outsourcing providers, including follow-up of mitigation actions
• Professional experience in different areas of IT risk management or other safeguarding functions
• Basic experience in IT operations or engineering with understanding of IT dependencies and relations
• Good understanding of risk categories: operational risk, IT risk, project risk, third party risk, business risk
• Basic knowledge of relevant regulatory environment standards (e.g. COBIT2019, COSO, ISO27xxx, ISAE/SOC) and local regulatory requirements
• Ability to work in international team in global set-up
• Strong communication and conflict management skills
• English (full working proficiency)
• Hungarian is a plus
Nice to have:
• Experience in similar position