IT Risk and Control Specialist

Description

Join us in a stimulating and rewarding position with our esteemed investment banking client. As an expert in IT Risk and Control, your experience will greatly enhance our skilled team of assessors. Your leadership will ensure the success of our assessors' team by providing top-tier expertise and supervising critical outcomes, playing a leading role in our assessment team.

What we offer

• Global Relocation - (Relocation options; Experience in an international environment; Cross-cultural experience)

• Recognition and Evaluation - (Feedback culture; Regular appraisals)

• Time Off - (Annual holiday - 20 or 26 days. The duration of the leave depends on the overall seniority; Occasional leave - 1 or 2 days/ depending on the circumstances; Child care leave - 2 days or 16 hours per year; Absence due to force majeure - 2 days or 16 hours per year; Maternity Leave - 20 weeks; Parental Leave - 41 weeks; Paternity Leave - 14 days)

• Luxoft Training Center - (Expert-led tech courses covering basic to advanced topics; Internal instructor-led soft skills courses; Comprehensive in-house self-learning resources for both soft and hard skills; Access to external self-learning libraries like ProQuest eBook and Udemy for Business; Cloud Programs: MS Cloud Academy, AWS Partner Academy, Google Cloud Academy; Custom Learning Programs: upskilling, reskilling, technical mentorship; Leadership Programs for Managers)

• Well-being and Work-life Balance - (Multisport card; Possibility to order Multisport card at the corporate rate for family members; LuxGood Program: wellbeing seminars, contests, relaxation sessions, yoga sessions, etc.; One Team Program: Buddy for each New Joiner; seminars, meeting and workplace space to support integration with local community and culture; “Hire me” workshops for partners; Preferential banking offer; Preferential car leasing offer; Cafeteria program discounts for shops, cinema tickets, holiday offers; Luxoft Social Benefit Fund: sport and recreation benefits, the possibility to receive financial support)

• Health Care - (Private Healthcare Insurance with unlimited access to specialists; Full dental support; Travel Insurance; Possibility to add private healthcare coverage for family members at the corporate rate; Life insurance at the corporate rate for employees and family members, including payment of the basic package for the employee by the employer; Reimbursement for corrective glasses)

• Company Events and Friendly Environment - (Many fun social activities organized by the Luxoft team offline in your city; Online entertainment events for whole company and local team events; A workplace where you’re treated with respect within a multicultural team)

• Internal Mobility - (Rotation between projects and accounts; New career opportunities)

• Self-Learning Library

• CSR Projects

Other

• Languages: English: C1 Advanced

• Seniority: Senior

Requirements

• Exceptional analytical and research capabilities, particularly in IT audits and risk control.

• Significant experience in technology and IT risk management within the security services sector, especially at a senior level.

• Comprehensive understanding of various risk and control frameworks and standards (like CSA CCM/STAR, SOC2, COSO, ISO standards), and IT industry best practices.

• Strong problem-solving skills and a robust technology foundation.

• Demonstrated ability to communicate effectively with senior management and external parties.

• Mastery of operational risk management and its practical applications.

• Resilient, adaptable, with excellent interpersonal skills.

• A detail-oriented approach, capable of creating customised methodologies.

• Skills in identifying, evaluating, and advising on control deficiencies and risks.

• Experience in leading or managing major risk and control projects within tight deadlines.

• Confidence in engaging with team members at all levels, across diverse locations.

• Risk or control certifications (like CRISC, CISSP) are a plus.

• Certifications in ISO 27001, SOC2 Type2, and Lead Auditor are beneficial.

Responsibilities

• act as a risk and control subject-matter expert for Organization Technology and operational processes, supporting the organization in all areas of IT risk management, and with a special forte in cloud-related risks and information protection

• ensure risk frameworks are operating effectively

• identify and assess operational risks, issues, and associated action plans from all phases, from inception through completion

• translate IT issues to business risk and effectively communicate them to senior management

• assist in managing a progressive and sustainable control environment