Work as an ICT security manager in Luxembourg
IT Governance & Risk Manager (m/f)
Job classification: Professionals › Information and communications technology professionals › Database and network professionals › Database and network professionals not elsewhere classified › ICT security manager.
Job description:
Your role – Are you ready for a challenge?
The IT Governance and Risk Manager plays a critical role in advancing our IT department. This position is pivotal in defining, implementing, and maintaining robust IT governance frameworks and controls, especially during significant application updates. The role involves facilitating the development, implementation, documentation, and review of IT policies, procedures, processes, programs, and practices to ensure operational efficiency and continuous compliance with organizational and industry laws, regulations, and frameworks.
The IT Governance and Risk Manager serves as a key representative for IT governance, working across all organizational functions to ensure comprehensive control over areas such as policies and procedures, application security, identity and access management, and data protection. This position is a vital member of the IT Executive team and collaborates closely with the IT Director, other IT Executive team members, and IT team leaders.
Your responsibilities will be as follows:
1. Policy Management:
Develop, improve, and maintain a comprehensive IT policy library that aligns IT procedures, guidelines, and standards with approved company policies.
Ensure that policies are regularly updated to reflect changes in technology, business processes, and regulations.
2. Standard Operating Procedures (SOPs):
Manage and disseminate documentation of standard operating procedures for IT, ensuring alignment with best practices and organizational objectives.
Collaborate with various IT teams to ensure SOPs are practical, relevant, and adhered to.
3. Application and Asset Management:
Enhance and maintain the application inventory system as the authoritative source of record for approved business applications.
Define and govern application ownership and assign application-specific responsibilities using tools such as a RACI matrix.
Redefine the asset classification structure and establish procedures for asset and license inventory management. Coordinate with relevant teams for execution.
4. Audit and Compliance:
Lead coordination with internal and external audits, supporting testing, walkthroughs, and process reviews for audit, risk, and compliance initiatives.
Centralize IT internal and external audit requests, ensuring timely delivery of expected deliverables.
5. Risk Management:
Manage the IT risk registry, ensuring that risks are identified, documented, and mitigated effectively.
Lead investigations into internal issues/events, coordinate risk mitigation efforts, and provide compliance recommendations.
6. Data Privacy and Protection:
Oversee the IT-specific application of the company's data privacy program, ensuring compliance with applicable laws and regulations.
Provide situational awareness and guidance to relevant stakeholders and committees regarding data protection and privacy matters.
7. Performance and KPI Management:
Collaborate with team leaders to define KPIs, track progress on defined objectives, and initiate interventions when necessary.
Prepare regular reports for senior management on IT governance, risk, and compliance status.
8. Stakeholder Engagement:
Engage with various stakeholders, including senior leaders and executives, to build consensus and drive change.
Clearly communicate risk and compliance issues in a manner that is understandable and actionable for business and technical audiences.
Your profile – Have you got what it takes to become our IT Governance & Risk Manager?
Required
Master's Degree in Business, Computer Science, Information Systems, Engineering, or a related field, or equivalent work experience
At least 5 years of relevant experience in IT risk management with a mature understanding of Information Technology
Proven experience in people management with demonstrated leadership and coaching abilities
Experience evaluating the design and effectiveness of IT controls
Proven track record of planning, organizing, and developing IT compliance initiatives
General ability to pull data from database tables, database views, application sources, and other data stores for compliance reporting purposes
Strong understanding of IT regulations and ordinances, including familiarity with frameworks such as ISO 27001, NIST, COBIT, etc.
Excellent understanding of project management principles, with experience in tools such as Agile, Scrum
Critical thinker with an analytical and problem-solving mindset, capable of synthesizing large amounts of data quickly for consumption by multiple stakeholders
Detail-oriented, self-motivated, and disciplined, with excellent time management skills
Ability to take initiative and ownership with a focus on continuous improvement
Excellent written and oral communication and presentation skills for leadership, technical, and business audiences
Fluency in English (spoken & written) is mandatory; additional spoken languages are an added value.
Additional Assets
Certifications:
Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) certifications are a plus.
Additional certifications in IT governance or risk management would be advantageous.
Experience:
Experience in working within highly regulated industries such as finance, healthcare, or government.
Familiarity with emerging technologies and their potential risks, such as cloud computing and AI.
Technical Skills:
Familiarity with IT governance and risk management software/tools.
Experience in implementing cybersecurity measures and data protection strategies
Country of work: Luxembourg.
Number of positions: 1.
Education level: Master's degree or equivalent.
Experience: 5 years.
Employer: LOMBARD INTERNATIONAL ASSURANCE S.A.
How to apply:
Job offer obtained from the Eures portal, dated 20 September 2024, with vacancy identifier: PES_LU_731352.