Senior Specialist: IT Audit & Cyber Risk (2nd Line) (f/m/d)

Job description

Your area of work: The Chief ICT Risk Office (CISO) combines IT & IS Risk Management in the 2nd Line of Defense. The department’s mandate is to set the IT and IS (ICT) risk governance and framework, set the control objectives, control review methodology and risk assessment methodology, conduct independent risk assurance of 1st LoD ICT controls (IT and IS controls), and independently monitor and report on the level of ICT risks as well as to drive transformation and collaboration.In this role, you will be part of ICT Risk Assurance team, performing continuous monitoring and oversight to confirm that our ICT controls are well-designed, correctly implemented, and operating effectively to protect the organization. Your responsibilities: - Design and implement risk-based assurance plans aligned with internal and regulatory requirements - Lead and execute IT & IS assurance assessments to evaluate risks across applications, infrastructure, cloud platforms, and network/security processes - Ensure IT systems and processes comply with relevant laws, regulations, and standards, including DORA, MaRisk, CSSF, NIST, ISO 27000, etc. - Test the effectiveness of IT General Controls (ITGC) and cyber...