ICT Risk officer

Within the Risk & Compliance department, a team of more than 40 talented professionals in Risk Business Continuity Management, Internal Control, and Compliance, spread across various geographies, is dedicated to preserving the value, assets, and reputation of the company. Core activities include risk identification and assessment, implementing mitigation actions, raising staff and business awareness, monitoring, and ensuring compliance with relevant regulations.

The Operational Risk & Business Continuity Management (BCM) team functions as the second line of defense for risks related to IT, Cybersecurity, Human Resources, Procurement, and other transversal departments. The team maintains the ICT Risk Management and digital Operational Resilience maturity across the group, with stakeholders in all Euronext entities (Paris, Porto, Milan, Oslo, New York, Dublin, Copenhagen).

As an IT & Cyber Risk Officer, the successful candidate will engage in all areas of the business within the Euronext group, primarily focusing on IT and Cybersecurity resilience across the Group.

The role involves supporting the Risk team in monitoring and deploying the ICT Risk Management Framework and the Digital Operational Resilience Strategy (DORS, aligned with DORA regulation). The candidate will collaborate closely with the Euronext Risk Management community and IT and Cybersecurity teams to ensure robust ICT risk management throughout the organization and its entities.

1. Collaborate with internal stakeholders to identify, assess, and monitor ICT risks, ensuring alignment with company policies and regulatory frameworks (e.g., DORA, ISO 27001).
2. Assist in conducting ICT asset risk assessments, including evaluating criticality, exposure, and dependency risks.
3. Support the creation and maintenance of ICT risk registers and dashboards, ensuring accurate documentation and reporting.
4. Contribute to developing and enhancing ICT risk mitigation strategies and action plans.
5. Participate in change management and project management risk oversight.
6. Participate in Level of Defense 2 (LOD2) reviews on Third Party Risk assessments.
7. Assist in the development of Operational Risk Indicators.

1. Assist in reviewing IT and cybersecurity measures to safeguard ICT assets and operations.
2. Contribute to developing ICT risk awareness programs and training initiatives.

1. Act as a junior PMO for ICT risk and resilience initiatives, ensuring tasks are well-coordinated and deadlines met.
2. Prepare summaries and presentations related to ICT risk management activities for senior stakeholders.
3. Contribute to periodic reporting on ICT risk posture, incidents, and key metrics.

• 1 to 3 years of higher education in IT, cybersecurity, or risk management, or equivalent experience.
• Entry-level knowledge of IT systems, cybersecurity concepts, and risk management frameworks.
• Familiarity with standards such as ISO 27001, NIST, CIS.
• Understanding of financial regulations (e.g., MIFID, DORA, NIS 2) is a plus.

• Fluent in English; French is a plus.
• Strong analytical and problem-solving skills.
• Autonomy, proactivity, and ability to synthesize complex information.
• Excellent written and verbal communication skills.

We are proud to be an equal opportunity employer, valuing diversity and committed to a respectful environment free from discrimination based on race, gender, age, citizenship, religion, sexual orientation, gender identity, disability, or other protected factors.

This job description outlines main activities and is not exhaustive. Additional tasks or projects may be added as needed.

Required Experience: Unclear seniority level.

Key Skills: Internal Audit, Information Systems, Community Support, Environmental Science, Information Technology Sales.

Employment Type: Full-Time

Experience: 1-3 years preferred.

Vacancy: 1