Banking Sector | Risk Register Officer

Company Description

At Devoteam, we believe that technology with strong human values can actively drive change for the better. Discover how Tech for People unlocks the future, creating a positive impact on the people and the world around us. We are a global leading player in Digital Transformation for leading organisations across EMEA, with a revenue of €1B. We believe in transforming technology to create value for our clients, partners and employees in a world where technology is developed for people. We are proud of the culture we have built together. We are proud of our people at the service of technology. We are proud of our diverse environment. Because we are #TechforPeople. Join our multidisciplinary team of Cloud experts, Designers, Business consultants, Security experts, Engineers, Developers and other extraordinary talents, spread across more than 20 EMEA countries. Become one of our +10.000 tech and business leaders on cloud, data and cyber security. Let’s fuse creativity with technology together and build innovative solutions that actively change things for the better.

Job Description

The Risk Register Officer plays a crucial role in managing IT risks for the organization. This role provides a comprehensive view of all IT risks, supporting operational teams in identifying new risks, assessing them, and tracking their mitigation measures. The Risk Register Officer is also responsible for maintaining the Risk Register over time, including updates to risk categories, ownership, and impact. Additionally, the role involves reporting on these risks to top management.

Management of the Risk Register:

• Regularly update IT risk criteria over time (risk category, owner, impact, etc.).
• Initiate and support the annual review of all IT risks in the Risk Register.

Support Risk Assessment:

• Coordinate with relevant stakeholders to assess and analyze identified IT risks (e.g., impact, mitigation).
• Organize the validation of IT risk assessments.
• Ensure compliance with the organization's Risk Management process.
• Collect new risk entries and challenge them with stakeholders (e.g., suggested mitigations).

Reporting:

• Gather feedback on the formalization of risk entries and ongoing mitigation measures from risk owners.
• Track KPIs defined in risk entries (mitigation, impact, etc.).
• Report on risks and their mitigation to top management and raise alerts if necessary.
• Participate in the Business Line Risk Committee to provide insights on risks (those in the Risk Register, risk levels, impact).

Qualifications

• Knowledge in risk monitoring (ability to identify, alert, and suggest remediation)
• Ability to conduct risk analysis (anticipate/analyze threats and create risk scenarios) and form risk opinions (challenge, approve, and decide on new activities or projects)
• Understanding of internal audit processes and methodologies
• General knowledge of IT, its major processes, assets, and solutions
• General knowledge in cybersecurity risks, frameworks, and requirements
• Understanding of IT and cybersecurity regulatory frameworks
• General knowledge of compliance and its major processes or regulatory frameworks
• English proficiency

Additional Information

The Devoteam Group works for equal opportunities, promoting its employees based on merit and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity, dynamism and excellence of our organization. All of our vacancies are open to people with disabilities.