.IT Risk Manager (m/f/d) Together for a Thuringia worth living in: In the heart of Erfurt, over 500 employees are part of the Thüringer Aufbaubank. You can make the most of your strengths with us: We offer multi-faceted tasks and a wide range of professional fields. With around 80 employees, our IT department takes care of our IT infrastructure, data analysis and our own software development. IT management supports the processes. Your tasks It is your task to maintain the defined IT risk management process, to report the results of the process and to monitor and further develop it (including the methods and specifications for IT risk management). In detail, this includes Proactive identification of risks (process-supported as well as ad-hoc), assessment of risks (including analysis of the impact of IT risks on business objectives) Cross-departmental planning Control and monitoring of risk treatment measures Development and implementation of a reporting system for IT risk management based on an IT risk inventory to be maintained (incl. definition, identification and monitoring of KRI (key risk indicators)) indicators) As part of your process responsibility, you will also check the extent to which supporting measures (e.G. creation / updating of templates for IT risk registers or scenarios,...) are appropriate and initiate these independently. In addition, you will provide organizational support for IT emergency management (BCM) by planning and carrying out emergency exercises and maintaining recovery and restart plans. As the central point of contact for the IT department, you are in constant contact with other stakeholders, e.G. Cross-company risk management / op Risk (comparison with IT risks) Information security (comparison with inventory of information security risks) Audit (contact person for the preparation and follow-up of audits and risks resulting from findings) Your profile Degree in business informatics, computer science or comparable Sound knowledge / practical experience in the field of IT risk and IT emergency management Sound knowledge of relevant standards and frameworks (e.G. IT baseline protection compendium (BSI), COBIT 5 desirable) Experience in the optimization of (IT) processes Relevant certifications in IT risk (e.G. CRISC) or emergency management (e.G. BCM Manager) are desirable Structured and analytical thinking, a high level of personal responsibility, reliability and commitment as well as excellent time management skills Strong communication skills paired with persuasiveness and assertiveness High social skills and ability to work in a team combined with a high level of loyalty If you do not yet fully meet any of the above requirements, we will work with you to plan all necessary further training measures and ensure that you receive comprehensive induction training