IT Risk Expert

The role is accountable for awareness, planning, and monitoring of all activities related to IT Risk controls compliance.

It actively engages stakeholders in implementing controls and ensures that IT Risk controls are identified and prioritized in the tribe’s backlog. Tribes appoint Risk Champions within their teams to guide them through the IT Risk compliance process, ensuring compliance within change management and maintaining the compliance status of all IT Risk controls.

1. Engage stakeholders (Tribe Leads, Product Owners, IT Area Leads) and related Squads in implementing controls, ensuring IT Risk controls are prioritized in the backlog. Provide visibility about the program, including walkthroughs, deliverables, and estimations.
2. Serve as the focal point in the Tribe for IT Risk topics.
3. Act as the single point of contact between the Tribe and the Central IT Risk COE.
4. Provide feedback and act as the contact between asset Product Owners and the IT Security & Risk COE, remediating impediments related to IT Risk.
5. Maintain IT Risk tools (ITRMP) for controls affecting Tribe or Area assets, including evidences management, ensuring quality and compliance before go-live.
6. Manage the Tribe's IT Risk calendar to ensure timely renewal of controls, coordinating with squads owning specific assets.
7. Define a reliable and sustainable IT Risk yearly plan for the Tribe’s assets, collaborating with IT Risk and Security COE on the Risk Roadmap.
8. Align regularly with IT Custodians (IT Area Lead and Technical Product Owner) to understand technical aspects of assets.
9. Collaborate with Chapter Lead and IT Risk and Security COE to report progress, achievements, and issues, registering them in the issue tracking tool (iRisk).
10. Train new joiners and Tribe colleagues on Risk topics and updates to IT Risk templates or processes.
11. Coordinate with central COE and IT Risk Streams Lead to stay updated on new templates, standards, and requirements.
12. Support Tribe squads to meet IT risk requirements, ensuring controls are compliant and issues are tracked before go-live.

• Degree in Information Technology / Engineering or equivalent
• 2+ years of experience in Risk Management or IT Security roles in a complex, international environment
• Previous experience in Tech / Security domain
• Deep knowledge of IT Risk and Security processes
• Fluent in English (written and spoken)
• Advanced MS Office skills
• Proven analytical skills
• Experience dealing with stakeholders at various levels

• Leadership
• Excellent relational skills
• Teamwork
• Stakeholder management
• Customer-centricity
• Execution excellence

• Duration: Permanent
• Location: Not specified