Risk Management Expert - ICT Oversight
We are seeking a skilled professional to assume the role of Risk Management Expert - ICT Oversight. This position entails a range of responsibilities aimed at ensuring the effective management and oversight of Information Communication Technology (ICT) risks within our organisation.
Key Responsibilities:
* Analyse ICT organisational structures and risk management frameworks in application files for authorisation of future professionals in the financial sector.
* Conduct thorough analyses of notifications related to the use of ICT third-party service providers by entities supervised by the regulatory body.
* Provide expert support and guidance to other supervisory departments in assessing compliance with DORA regulation, contributing to the development of their understanding and interpretation of this legislation.
* Offer strategic advice to other departments on IT strategy, digital transformation, internal or external IT audits, and other related matters.
* Stay up-to-date with technological advancements and regulatory changes, providing insights into new technologies and digitalization trends.
* Participate in cross-functional analyses focused on ICT risk management topics, fostering collaboration and knowledge-sharing across departments.
* Engage in national and international working groups dedicated to ICT and ICT risk supervision, facilitating exchange of best practices and expertise.
Your Profile:
* Possess a degree in information systems audit, IT security with finance specialisation, economics, finance, or business management with ICT specialisation.
* Hold 3+ years of experience in information systems auditing or ICT risk management, demonstrating a strong foundation in these areas.
* Demonstrate fluency in English, with proficiency in French and/or German; Luxembourgish is considered an asset.
* Be prepared to undertake regular business trips abroad, as required by the role.
* Have excellent knowledge of CSSF circulars on ICT risk management and outsourcing.
* Familiarity with European regulations (DORA, PSD, eIDAS, NIS, MICA) and an interest in new technologies will be seen as advantageous.
* CISA, CISM, CISSP certifications are highly valued but not mandatory.
* Possess writing, analytical, synthesis skills, and thoroughness in your work.
* Show proactivity, flexibility, ability to work independently, and demonstrate team spirit.
* Exhibit excellent communication skills.
* Maintain confidentiality in all aspects of your work.
The successful candidate will be employed as a public servant under a permanent contract and may be asked to apply for civil servant status if they meet the necessary conditions.