ICT Risk Analyst

Join Colibrix One – Innovating the Future of Payments

At Colibrix One*, we’re building advanced, AI-powered payment technologies that support Payment Service Providers (PSPs), Electronic Money Institutions (EMIs), and neobanks across the EU and the UK. As a fully licensed EMI (FCA reference number 927920) and a Principal Member of Mastercard, we offer real-world financial solutions that include:

• Global card processing
• Digital wallet infrastructure
• Cross-border merchant accounts
• Alternative payment methods (APMs)
• Corporate accounts for legal entities

We’re a fast-growing team with a passion for innovation, security, and scalability. Our culture values curiosity, collaboration, and impact - and we’re looking for talented professionals who are ready to shape the future of fintech.

At Colibrix One, your work directly powers the digital economy. If you're eager to solve meaningful challenges and build with purpose, we’d love to hear from you.

About the role
The ICT Risk Analyst is responsible for identifying, assessing, monitoring, and mitigating technology-related risks to ensure compliance with regulatory standards, particularly the Digital Operational Resilience Act (DORA). The role focuses on strengthening ICT systems and third-party vendor resilience, supporting business continuity, and ensuring secure and compliant operations. The ICT Risk Analyst collaborates with internal stakeholders and external providers to safeguard operational continuity and regulatory adherence.

Key Responsibilities

• Conduct ICT risk assessments across applications, infrastructure, and cloud services in line with DORA
• Maintain an ICT risk register and report on Key Risk Indicators (KRIs)
• Identify, classify, and document ICT-related incidents, ensuring compliance with DORA reporting timelines
• Support scenario testing and threat-led penetration testing
• Perform due diligence and periodic reassessments of critical third-party vendors
• Monitor vendor contracts and performance to ensure compliance with resilience and continuity requirements
• Ensure ICT risk management practices align with DORA, EBA guidelines, GDPR, ISO 27001, NIST, and related frameworks
• Manage and maintain internal ICT-related documentation including Policies, Procedures, and Standards
• Support business continuity planning, disaster recovery, and ICT incident response activities
• Advise management on ICT and vendor risks, and raise awareness through training and stakeholder engagement

What you need to succeed in this role

• Bachelor’s degree in Information Technology, Risk Management, Cybersecurity, or related field
• 3+ years of experience in ICT, Information Security, Risk Management, Compliance, or Operational Risk Management areas in relation to ICT
• Strong understanding of ICT infrastructures, cloud environments, and cybersecurity
• Familiarity with DORA requirements and other EU/financial sector regulations
• Experience with vendor risk assessments and third-party risk management frameworks
• Professional certifications such as CISA, CRISC, CISM, ISO 27001 Lead Auditor, or CISSP (preferred)
• Excellent analytical and problem-solving skills
• Strong communication and stakeholder management abilities
• Ability to translate technical risks into business impacts

What We Offer

• Opportunity to shape the future of fintech solutions within a growing company
• Collaborative, horizontal team structure that values your expertise and ideas
• Continuous learning and development opportunities to enhance your skills and career growth
• Competitive salary and benefits package
• Flexible work arrangements to support work-life balance