IT Risk Officer in GCC Bucharest
ROMANIA IT development
Job description
What you do
• Participate in the deployment of the IIRM process (COBIT 5)
• Deploy B.A Scoping in Archer to derive criticality of AZ Trade assets
• Identify the CIA value and the controls to be applied (TMC)
• Open the B.A to the FitGap tool and link it with ARA corresponding control
• Identify the controls to be performed (based on ARA coverage)
• Manually verify each evidences provided in ARA and indicate whether it is ToD/ ToE
• Manually verify each evidences provided in ARA and indicate the result of testing
• Evidence collection and control deployment for deficient controls
• Open Archer risk, and request BO Validation.
• Report on advancement to governance team
• Based on the decision made, track the implementation of the mitigation measures or track the risk acceptance expiration date.
• Participate in the production of solvency 2 reportings
• Provide support to operational teams and owners of object at risks
What you bring
• Used to work on IT/IS Risk issues
• Technical skills: Advanced in audit and internal control methodologies and familiar with COBIT / ITIL / NIST
• Capacity to communicate easily with different level of managers
• Capacity to prioritize and to manage complexity and good knowledge of IT organization and processes
• Analytical skills and rigor
• Fluent in English, French is a nice to have.
• Join us to leverage your expertise in artificial intelligence and contribute to cutting-edge projects that shape the future of our industry.