IT Risk & Governance Officer

Your role in the team

Our expectations of you

Education

• Completed degree (e.g., Business Informatics, Computer Science, Business/Law with IT focus) or a comparable qualification with relevant further training in the IT risk environment.

Qualifications

• Good knowledge of security frameworks such as NIST 2.0, Cobit, ISO 27001.
• Strong solution-oriented and networked thinking, confident and professional demeanor in committee and interface work — also in an international context — as well as the ability to recognize the needs of internal clients while considering regulatory and operational requirements and translating them into practical solutions.
• Fluent in German and English, both written and spoken.

Experience

• Relevant professional experience of typically 3-5 years in dealing with regulatory IT requirements (e.g., MaRisk, DORA, EBA/EZB guidelines) and demonstrable involvement in audits (e.g., internal audit, external audit, supervisory authorities) or IT regulatory projects.
• In-depth knowledge of IT risk management, IT governance, and IT security fundamentals, as well as experience in structured analysis and deriving implementation requirements from regulatory standards.
• Experience in preparing and developing management or supervisory board materials (e.g., committee documents, decision templates, reporting), including tailored presentation of complex issues for the audience.
• Proven ability to coordinate technical discussions with multiple stakeholders (e.g., IT, business units, 2nd line, audit, international branches), ideally also at the group level; project experience in the form of leading sub-projects in the IT or regulatory environment is an advantage.

What we offer