Job Description
The role of the Risk Officer for Shadow IT is to ensure proper management of this risk within Governance, Risk and Compliance Frameworks.
This involves managing a global inventory of shadow IT usage and resulting IT risks.
To achieve this, the Risk Officer will liaise with business teams to identify new or evolving Shadow IT situations, challenge content declared, data completeness and consistency, and provide support and coordination during assessment and validation.
Main Responsibilities:
* Management of the Risk Register: Regularly update IT risks criteria over time (risk category, owner, impact…). Initiate and support the annual review of all IT risks in the Risk Register.
* Support risk assessment: Organize with relevant stakeholders the assessment/analysis about identified IT risks (impact, mitigation…). Organize the validation of IT risks assessment. Collect new risk cards and challenge them with relevant stakeholders (mitigation suggested).
* Reporting: Gather feedback regarding formalization of risk cards & ongoing mitigation measures from risk owners. Follow KPI defined in risk cards (mitigation, impact…). Perform a reporting about risks and risks mitigation to top management, raise alerts if needed.
Required Skills and Qualifications
* Proven experience in IT Risk Management Methodologies, and knowledge in following steps under IT Risk plan/framework: Risk monitoring (knowledge in risk management: ability to identify, alert and suggest remediation). Risk analysis (ability to anticipate/analyze threats and create risk scenario) and - Risk opinion (ability to challenge, approve and decide (new activities, projects…)
* IT general knowledge (global knowledge of IT, its major processes and assets & solutions) and Cybersecurity (general knowledge in cybersecurity risks, frameworks, and requirements) GRC (Governance, Risk and Compliance) for IT.
* Regulatory (general knowledge in IT and cybersecurity regulators framework) and Compliance (global knowledge of compliance, its major processes or regulatory framework)
* Shadow IT (eg. IT assets outside the IT governance) Management
Benefits
* Opportunity to work in a challenging and dynamic environment.
* Professional growth and development opportunities.
* Collaborative and supportive team environment.
Others
* Strong analytical and problem-solving skills.
* Excellent communication and interpersonal skills.
* Ability to work in a fast-paced environment.