ICT GRC - Risk & Compliance Manager (fluent German required)

ICT GRC - Risk Compliance Manager (fluent German required) About the opportunity Are you ready to take the next step in your career? As an ICT GRC - Risk Compliance Manager , you will play a pivotal role in shaping how we manage IT risks in an increasingly AI-driven financial landscape. In this role, you’ll be at the forefront of risk management and compliance, ensuring our IT systems remain secure, resilient, and aligned with evolving regulations. You’ll work closely with tech, security, and compliance teams to strengthen risk frameworks, enhance resilience, and drive smarter decision-making. As AI and automation become essential in risk management, you’ll help explore and implement automation and AI-driven solutions to improve risk assessments, identify emerging threats, and streamline compliance processes. This is an opportunity to not just keep up with change, but to help shape it. If you're looking for a role where AI, automation, and ICT Risk and compliance intersect, and where your expertise can have a real impact, this is it. In this role you will Function as a key member of the bank's risk function (Second Line of Defense), reporting directly to the Deputy CISO and maintaining close collaboration with First Line of Defense teams on matters of ICT risk management. Actively engage in the ICT Risk Management process, encompassing proactive risk assessment, analysis, treatment plan identification, mitigation, and ongoing monitoring. Drive the maturity of the ICT Risk Management framework in adherence to DORA act. Proactively conduct risk assessments to identify ICT risks within the bank's IT infrastructure and propose appropriate mitigation strategies. Collaborate with cross-functional teams, including product, technology, security, and other First Line of Defense teams, to identify and implement risk treatment plans. Maintain the ICT risk register, ensuring the accuracy and completeness of ICT risks. Proactively report progress and updates to the team, providing detailed reports and presentations on the status of identified risks, mitigation efforts, and compliance. Leverage artificial intelligence tools and technologies to enhance risk management and compliance processes. Ensure that all communication is clear, actionable, and aligned with the bank's overarching risk management strategy. Facilitate regular meetings with key stakeholders to discuss risk status, challenges, and next steps, fostering a culture of continuous improvement and proactive risk management. What you need to be successful Background Bachelor`s degree in Information Technology, Computer Science, Information Security, or a related field. Professional certifications such as CISA / CISM / CRISC, or equivalent are highly desirable. Minimum of 6 years of experience in IT risk management, information security, and compliance, preferably within the banking or financial services industry. In-depth knowledge of relevant regulatory requirements, such as MaRisk, BAIT, DORA and industry standards such as ISO 27001/27002, NIST, etc. Strong understanding of IT infrastructure, network security, application security, and cloud security. Should be able to leverage AI tools and techniques to enhance risk assessment, compliance monitoring, and the identification of emerging threats. Skills Excellent analytical and problem-solving skills, with the ability to identify and assess complex IT and information security risks. Possesses expertise in assessing, writing and managing IT risks, threats and the ability to connect it with the appropriate controls. Ability to proactively recommend improvements to the area based on your expertise, as well as drive and operationalize the necessary changes required Strong project management skills with the ability to manage multiple tasks and projects simultaneously. Ability to manage the ICT Risk Management process from end to end Proficiency in using Enterprise GRC tools such OneTrust / ServiceNow GRC a ... (truncated, view full listing at source)