Key Responsibilities

• Develop and maintain the IT risk management framework, policies, and procedures in line with organizational objectives and regulatory requirements.
• Conduct regular risk assessments, gap analyses, and control evaluations for IT systems, applications, and processes.
• Collaborate with cybersecurity, compliance, and business teams to identify, assess, and mitigate risks related to information security, data protection, cloud services, and emerging technologies.
• Define and monitor Key Risk Indicators (KRIs) and ensure effective reporting to executive leadership.
• Lead the risk assessment component of IT projects, ensuring appropriate risk controls and governance are integrated from design to deployment.
• Support internal and external audits, regulatory inspections, and compliance reviews.
• Provide expert guidance on IT risk management best practices, aligning with frameworks such as ISO 27001, NIST, COBIT, and ITIL.
• Conduct awareness programs and training to build risk culture across IT teams.
• Prepare and deliver risk dashboards, reports, and recommendations to senior management and boards.

Qualifications & Experience

• Bachelor’s or Master’s degree in Information Technology, Computer Science, Risk Management, or related field.
• 10+ years of experience in the IT sector, with at least 5 years focused on IT risk management, governance, or information security.
• Strong knowledge of IT infrastructure, cloud environments, application security, and cybersecurity frameworks.
• Hands-on experience with risk assessment methodologies, control testing, and audit processes.
• Familiarity with regulatory requirements (e.g., GDPR, SOX, DORA, or equivalent regional frameworks).
• Excellent analytical, communication, and stakeholder management skills.
• Professional certifications such as CISM, CRISC, CISSP, ISO 27001 Lead Auditor/Implementer, or COBIT are highly desirable.

Daily rate: 450 euros/day