Job Description Main Tasks: Management of the Risk Register: Update regularly IT risks criteria over time (risk category, owner, impact…) Initiate & support the annual review of all IT risks in the Risk Register.
Support risk assessment: Organize with relevant stakeholders the assessment/analysis about identified IT risks (e.g.
: impact, mitigation…) Organize the validation of IT risks assessment Organize the compliance with the Risk Management process Collect new risk cards and challenge them with relevant stakeholders (e.g.
: mitigation suggested). Reporting: Gather feedbacks regarding formalization of risk cards & ongoing mitigation measures from risk owners Follow KPI defined in risk cards (mitigation, impact…) Perform a reporting about risks and risks mitigation to the top management, raise alerts if needed Participate to the Business Line Risk committee to share inputs about risks (risks stored in Risk Register, level of risks, impact…).
Qualifications Technical Skills: Risk monitoring (knowledge in risk management: ability to identify, alert and suggest remediation) Risk analysis (ability to anticipate/analyze threats and create risk scenario) and Risk opinion (ability to challenge, approve and decide (new activities, projects…) Internal audit knowledge (knowledge of the audit process and methodology) IT knowledge (global knowledge of IT, its major processes and assets & solutions) and Cybersecurity (general knowledge in cybersecurity risks, frameworks and requirements) Regulatory (general knowledge in IT and cybersecurity regulators framework) and Compliance (global knowledge of compliance, its major processes or regulatory framework) Language Skills English: Fluent Additional Information Hybrid working model in Porto.