IT Risk & Control Advisor

Primary Location: Belgium, Brussels Office

Function name: Internal & External IT Compliance advisor

Discover the challenging world of IT Compliance, in the context of the group’s technology services, i.e. its mission critical production and project delivery services. The group is operating in an increasingly regulated environment.

In this context, the “Internal & External Compliance team” coordinates both internal and external self-assessments such as SwiftCSP, ISAE3402, BoE Chaps, SREP, … We build our opinions and present our final conclusions to the main internal and external stakeholders (Management committees, Risk committees, internal and external auditors, regulators, …).

The Internal & External Compliance team

Within the IT Risks department you will be part of the Internal & External Compliance team, whose responsibilities are to:

  • Coordinate, facilitate and gather answers for internal and external self-assessments
  • Provide reporting on the progress of those assessments
  • Produce final reporting and clearance on those assessments
  • Document issues / findings and report on remediation progress
  • Ensure the consistency across all those assessments
  • Organise and be actively involved (as IT SPOC) in client due diligence
  • Respond to external queries and client questionnaires
  • Improve the current governance (process and tools) to manage queries and external assessments
  • Build and maintain relationships with a community of IT ‘Risk Ambassadors’

The Internal & External Compliance team works closely with field experts and different management levels in the IT divisions across locations (mainly in Belgium but also in France and the UK), as well as with the second and third lines of defence (respectively Risk Management and Internal Audit).

Role

Your day-to-day responsibilities:

  • Coordinate, track and report progress on various Compliance assessments
  • Assess and challenge answers received from both Controls Owners and Controls Performers
  • Communicate and share final opinions and conclusions to internal and external stakeholders
  • Document issues and provide regular reporting on their remediation actions
  • Build a good internal network within IT to support those exercises
  • Come up with proposals to improve the governance of those assessments

Technical skills 

  • University degree or equivalent experience (education in computer science or engineering is a plus)
  • 5 years' field experience in the IT Compliance domain or equivalent experience in the following domains: General IT Controls, Cyber Security and Business Resilience
  • Fluent knowledge of English (verbal, writing, presentation) is mandatory. French and/or Dutch is a plus
  • Critical and open mindset. Ability to listen but equally to challenge and influence both middle / top management and IT experts in a constructive way
  • Experience in large multi-platform based IT environments, such as IBM Mainframe and distributed systems
  • Process-minded and good knowledge of the key principles of the IT related frameworks such as COBIT 2019, ITIL, NIS, ISO27k, and PRINCE2 is a plus (no certification is required)

Soft skills

  • You have a strong risk mind-set: you aspire to a culture of excellence
  • You have strong leadership and communication (both oral and written) skills, whether in the field, in the team or with management: you are a keen team player and coordinate work amongst people from different areas or divisions. You are a good relationship builder with strong diplomacy skills
  • You are a highly motivated self-starter and quick learner and you are able to work proactively in a challenging environment with conflicting or competing priorities
  • You are analytical and risk oriented. You know how to break down complex risk situations into manageable pieces and to address logical links and dependencies. You can distinguish essential information and summarise it accordingly. You see how information is linked and you recognise common patterns in elements that seem unrelated at first
  • You examine matters from a distance and put them in a broader context and time perspective (vision)
  • You express well-founded opinions and positions and understand their consequences (judgement)
  • You obtain approval of others with good arguments, appropriate influencing methods and personal authority (persuasion)

Assignment duration: Permanent (unlimited) contract