Mission

The IT Risk Register Officer main mission is to promote the management of IT risks , and contribute for Governance, Compliance and Risks frameworks within company. He/she has a global view on all IT risks. In this role, will support operational teams to identify new IT risks, promote the adequate assessment of IT Risk accordingly to the framworks/ standards in use, and to perform a follow-up to the entire IT Risk portfolio, namely in the mitigation measures. He/she will also manage the Risk Register over time (update of the criteria: risk category, owner, impact, due date…). Finally, he/she performs a reporting about these risks to the top management.                      

Main Tasks:

Management of the Risk Register:

- Update regularly IT risks criteria over time (risk category, owner, impact…)

- Initiate & support the annual review of all IT risks in the Risk Register                                                                   

Support risk assessment:

- Organize with relevant stakeholders the assessment/analysis about identified IT risks (e.g.: impact, mitigation…)

- Organize the validation of IT risks assessment

- Organize the compliance with the company's Risk Management process

- Collect new risk cards and challenge them with relevant stakeholders (e.g.: mitigation suggested)"                                                

Reporting:

-  Gather feedbacks regarding formalization of risk cards & ongoing mitigation measures from risk owners

-  Follow KPI defined in risk cards (mitigation, impact…)

-  Perform a reporting about risks and risks mitigation to the top management, raise alerts if needed

- Participate to the Business Line Risk committee to share inputs about risks (risks stored in Risk Register, level of risks, impact…)

Perfil

Technical skills:

• Risk monitoring (knowledge in risk management: ability to identify, alert and suggest remediation)                                                
• Risk analysis (ability to anticipate/analyze threats and create risk scenario) and Risk opinion (ability to challenge, approve and decide (new activities, projects…)                                        
• Internal audit knowledge (knowledge of the audit process and methodology)                                           
• IT knowledge (global knowledge of IT, its major processes and assets & solutions) and Cybersecurity (general knowledge in cybersecurity risks, frameworks and requirements)  
• Regulatory (general knowledge in IT and cybersecurity regulators framework) and Compliance (global knowledge of compliance, its major processes or regulatory framework)
• English                                                                        

Soft skills:

• Organizational skills                               
• Ability to collaborate / teamwork                                    
• Decision making                                      
• Analytical ability/ Critical thinking                                   
• Ability to manage a project 

Organización

Inetum is a European leader in digital services. Inetum’s team of 28,000 consultants and specialists strive every day to make a digital impact for businesses, public sector entities and society. Inetum’s solutions aim at contributing to its clients’ performance and innovation as well as the common good.

Present in 19 countries with a dense network of sites, Inetum partners with major software publishers to meet the challenges of digital transformation with proximity and flexibility.

Driven by its ambition for growth and scale, Inetum generated sales of 2.5 billion euros in 2023.