
IT Risk & Control Governance Lead

TN United Kingdom

United Kingdom

On-site

GBP 60,000 - 100,000

Full time

Yesterday

Job summary

An established industry player is seeking an IT Risk & Control Governance Lead to enhance risk management practices and foster a strong risk culture. In this pivotal role, you will collaborate with various stakeholders to identify and mitigate IT risks while ensuring compliance with regulatory frameworks. Your expertise in security and IT risk management will be essential in producing high-quality reports and supporting strategic decision-making. This is a fantastic opportunity to contribute to a dynamic team dedicated to safeguarding assets and promoting accountability within a global financial market infrastructure.

Qualifications

  • Extensive knowledge in security and/or IT risk management.
  • Strong analytical skills, including data analytics.
  • Technical certifications (CISA, CISM, CISSP, CRISC) are advantageous.

Responsibilities

  • Support risk transformation within IT, increasing risk culture.
  • Collaborate with Risk management and audit stakeholders.
  • Produce accurate, high-quality reports for risk management.

Skills

IT risk management
Stakeholder engagement
Regulatory compliance
Data analytics
Multitasking
Communication skills
Financial markets knowledge
Control frameworks knowledge
Technical certifications (CISA, CISM, CISSP, CRISC)

Job description


IT Risk & Control Governance Lead, United Kingdom

Client: Euroclear

Location:

Job Category: Other


EU work permit required: Yes

Job Reference: 08b94b3bf1ca
Job Views: 4
Posted: 02.05.2025
Expiry Date: 16.06.2025
Job Description:

IT Risk & Control Governance Lead

Role

You will be responsible for supporting the risk transformation within IT, increasing risk culture and control maturity. You will report, follow up, and alert action plan owners about risk mitigation slippages. Your interactions will mainly be with product owners and stakeholders across the Technology department, providing support and reporting to ensure risks are well managed within risk appetite. Collaboration with Risk management and audit stakeholders is essential. Maintaining relationships with IT risk champions across areas to leverage expertise and align approaches is also required.

You need to work autonomously across multiple IT areas, with a focus on continuous improvement and change management, including planning for future needs.

Group CISO Division

Led by the Chief Information Security Officer (CISO), this division centralizes security ownership across Euroclear, located within Technology.

The division aims to protect Euroclear’s assets that support core (I)CSD business services, aligned with its role as a global Financial Market Infrastructure.

IT and Cyber Risk Department

This department provides services to:

  • Manage risks end-to-end by identifying IT, information security, or cyber risks or deficiencies
  • Remediate root cause issues through sustainable controls and increase control maturity
  • Align risk exposure with the firm’s risk appetite
  • Ensure regulatory compliance
  • Embed accountability, ownership, and risk culture within the first line

Within the Enterprise Risk Management (ERM) framework, the team maintains a strong control environment based on internationally recognized controls, enabling continuous risk identification, assessment, monitoring, and mitigation.

The team includes sub-teams:

  • IT and Security Risk Management
  • Policies and Controls
  • Security Risk Assessments
  • Regulatory and Customer Compliance Assessments
  • Customer and Third-Party Risk

The IT and Security Risk Management team’s main responsibilities include:

  • Supporting IT risk identification, analysis, response, and monitoring
  • Producing accurate, high-quality reports
  • Providing evidence for mitigating actions and issues closure
  • Participating in team meetings to stay informed
  • Contributing to decision-making for risk responses
  • Assessing risks and finding appropriate mitigation strategies
  • Collaborating with Risk management and IA on regulatory issues
  • Enhancing risk awareness through communication and documentation

Skills

  • Extensive knowledge in security and/or IT risk management
  • Excellent interpersonal and influencing skills for stakeholder engagement
  • Experience with regulatory compliance and security best practices
  • Strong analytical skills, including data analytics
  • Ability to multitask, prioritize, and adapt in a fast-paced environment
  • Strong organizational, coordination, reporting, and communication skills
  • Knowledge of financial markets, FMIs, and CSD operations (advantage)
  • Experience in international and multinational organizations (advantage)
  • Knowledge of control frameworks (ISO 27000, NIST, CIS-18, COBIT-5) (advantage)
  • Technical certifications (CISA, CISM, CISSP, CRISC) are advantageous