Senior IT Risk Specialist

Why join us in 2026 

Think of the digital tools we use daily - from virtual shopping to contactless payments. They're shaping our future. Join us to influence the future of digital banking in an innovative environment. With our global merger, the opportunities for personal growth and collaboration are immense. 

 If you join us in the role of Senior IT Risk Specialist, this is what you can expect from us: 

• Attractive salary and an overall competitive package 
• Well-structured training for the job and constant support from your manager 

• Hybrid way of working 

  
  
• Equipment needed for the role (laptop and mobile phone, including monthly mobile phone subscription) 

About your future role 

As an Senior IT Risk Specialist, you will be part of a passionate IT Risk management team within a larger Risk Management & Regulatory Compliance department in the second line of defence. You will work in a collaborative and hands-on environment with a supportive atmosphere that emphasizes a good team dynamic and knowledge sharing. Being part of a larger group provides a network across Europe, offering opportunities to share knowledge and experience broadly. You will regularly interact with the Group IT Risk Management team and contribute to shaping the future of IT Risk management across the Group.

The position is in Krakow, Poland and offers hybrid ways of working, enabling flexibility in working hours and working place. 

Your key responsibilities in this role will be: 

Key Responsibilities:

• Work with cross-functional teams and the first line of defence to identify, assess, and support mitigation of IT risks across critical services, new products, and projects, ensuring alignment with internal policies.

• Provide second line oversight, providing independent review and challenge of IT risk assessments, helping ensure compliance with frameworks, regulatory requirements, and industry standards.

• Respond to internal control inquiries, track remediation efforts to resolution, and support the design and effectiveness of IT controls supporting controls and compliance.

• Conduct IT Project Risk Assessments (ITPRA) for strategic, high‑criticality, or complex projects, covering scenario definition, risk identification, impact assessment, and evaluation of project risk exposure.

• Recommend mitigation actions for unacceptable risks based on the methodology's risk acceptance criteria.

• Participate in ongoing risk monitoring meetings, ensuring continuous assessment of emerging risks, evolving complexities, and project dependencies throughout project execution

• Prepare and maintain risk reports using the standard templates (e.g., risk scenarios, heatmaps, risk registers) 

What makes you the best person for this job? 

As you read about the role, are you eager to learn more? If so, review the qualifications that fit you for the position. Remember, beyond your skills and experience, it's your potential that sets you up for success in your daily tasks. 

Capabilities needed to be successful in this role: 

• Familiarity with (preferably solid experience with) using relevant industry standard IT standards and frameworks such as IRAM2, COBIT, ITIL and ISO27001. 

• Strong understanding of regulatory requirements and industry standards (e.g. EBA, DORA, GDPR, ISO 27001/27002, NIST, PSD2, ISO 22301, NIS2) related to IT risk management and cybersecurity. 

• Self-driven and demonstrate the ability to take full ownership of activities and responsibilities, ensuring tasks are completed efficiently and effectively, and proactively addressing any challenges that may arise.

• Strong interpersonal, communication and presentation skills necessary for interaction with business leaders and teams across all levels of the organization.

• Passionate about continuously acquiring knowledge and desire to grow.

• Foster a work environment that promotes respect, cultural awareness, and the development of skills to engage effectively with individuals from diverse backgrounds.

• Knowledge of both financial services industry and payment processing industry is a plus.

• Emerging Technologies: Curiosity and experience in designing or applying emerging technologies, such as AI agents and automation solutions, to improve IT risk processes and insights is considered an advantage.

Education and background: 

• Degree in Engineering, Computer Science, Information Systems, or a related field; advanced degree or relevant certifications (e.g., CISSP, CISM, CRISC, CISA, PRINCE2, PMP) preferred. 

• At least 10 years of work experience in IT risk management, cybersecurity, IT audit or related fields.

• Excellent command of spoken and written English.

Discover Life at Nexi
We’re an international team of 10,000+ people across 25 countries, united by shared ambition and a passion for innovation. Learn more about our culture, Values, and how we’re shaping the future of digital payments. Visit our Life at Nexi page.

Diversity and Inclusion at Nexi
We are proud to be an equal opportunity employer: together, we succeed by embracing our differences and creating a future where everyone can thrive. 

Your Next Step Starts Here
If this opportunity excites you, we’d love to hear your story. Submit your application today, and let’s shape the future of digital payments together!