Job description:
Within Cybersecurity and Digital Fraud department, the Risk Analyst role in the Cyber Payment area will give you valuable experience in cybersecurity and payments-both strategic priorities for the Group. Within the IT Group (ITG), the Cybersecurity and Digital Fraud (CDF) department manages the cyber risks of our information systems to protect the Bank and its customers. As a member of CDF you will join the CISO Payment team. Your primary mission is to identify and analyze operational risks through control execution for the IT Payment services perimeter and monitor associated remediation actions. You will report to the ITRO leader.
In this role you will collaborate with security, development and production teams, as well as with IT risk stakeholders such as the IT Risk Manager, the IT Continuity & Resilience Officer, and the RISK function.
Beyond an understanding of cybersecurity and organization, it will be a plus if you are also familiar with payment activities and the relevant regulations - DORA, and PCI DSS - given the high criticality of the scope.
Main Tasks:
* Define and promote cybersecurity governance for ITG's Payment Services (IT PS).
* Support IT PS in understanding, controlling, and managing their cyber risks.
* Oversee end-to-end cyber risk supervision across the three cross entity sectors: IT Cash Management, Customer Data Services, Electronic Payments, and Factoring.
* Identify and analyze risks while collaborating to permanent control activities on ICT and non-ICT risks:
- Determine root causes and potential adverse events,
-Plan and conduct operational risk inputs (RCSA results, historical incidents, control plans) to update the risk landscape,
-Follow remediations by overseeing implementation of corrective actions and verifying effectiveness.
Report to the CISO/ITRO/ICRO Payment:
* Issue alerts, propose corrective actions, and deliver a consolidated risk overview.
Support risk-management exercises:
* Provide inputs for RCSA, audits and other relevant reviews,
* Support 3rd party management analysis.
Technical Skills:
* Knowledge of GRC IT / Service Now tool and the Microsoft Office suite,
* Proven knowledge of risk management (+3-year experience),
* Strong analytical skills - ability to perform root cause analysis and impact assessment.
Language Skills:
* English
* French - Practice
Soft Skills:
* Proactive attitude, strong stakeholder management capabilities, and a continuous learning mindset
* Strong analytical skills - ability to perform root cause analysis and impact assessment.