Technology Risk and Controls Officer
Area
Are you inspired by working with a variety of stakeholders and providing expert advice on topics related to the technology risk management lifecycle, from identification and assessment to retirement? Do you possess a strong understanding of both inherent and residual risks within the technology domain, including how controls can effectively strengthen an organisation’s residual risk profile?
If you answered yes to these questions, you might be the ideal candidate to join our team as a Technology Risk and Controls Officer in the Technology Risk Assessments team, part of Security, Resiliency, and Control—a unit dedicated to keeping Danske Bank safe and secure from technology risks.
In this role, you will be a key member of the team offering technology risk assessment and advisory services across the bank. You will manage and conduct technology risk assessments with service owners, our key stakeholders, and consult on a wide range of new and emerging technology risk areas as part of various strategic initiatives.
We offer a position located at our office in Vilnius, Lithuania, with a flexible work schedule and hybrid working options. As a forward-thinking bank, we value diversity, sustainability, and believe in the power of digital transformation. We offer a collaborative environment where you can grow, innovate, and make a meaningful impact.
Security, Resilience, and Controls department, headed by the Chief Security Officer, is an essential part of the technology organisation tasked with protecting our people, our customers, and our assets from harm – a fundamental function of a bank is the protection of customers’ money.
Mission
- Facilitate and conduct Technology Risk Assessments workshops with technology and application service owners
- Support administration of ServiceNow, the Bank’s ‘Golden Source’ system for recording technology risks, controls, and remediation plans
- Work effectively with stakeholders outside the immediate TRA team, including service owners and risk owners, to obtain risk treatment responses, notify of upcoming or overdue assessments and risk responses, and proactively uplift the quality of the risk register through ongoing administration activities
- Ensure adherence to risk management policies, facilitate related reviews, identify gaps, and devise remediation plans in conjunction with policy owners
- Prepare summaries of technology risk assessment workshop outputs for internal stakeholders to promote awareness and build the team’s knowledge of technology risk
- Identify and share information about technology risk trends from your assessment work and the wider environment
Skills
- 3+ years of experience in IT Risk Management, Third Party Risk Management, Governance, Risk, and Controls management, or similar fields
- Experience in identifying and assessing technology risks and/or IT general controls, including drafting issue wording for exceptions noted
- Awareness of IT controls frameworks such as ITIL, COBIT, NIST, ISO27001, or ISF Standard of Good Practice
- Awareness of major regulations impacting financial and technology sectors, such as GDPR, DORA, or EBA guidelines
- Familiarity with Governance, Risk, and Compliance (GRC) tooling, such as ServiceNow/SNOW
- Upper-Intermediate English language skills
- Analytical, communication, teamwork, and interpersonal skills
- Approachable, pragmatic, self-starter who is easy to collaborate with others to make things happen
We will consider as a bonus:
- Risk, controls, or audit background
- Experience with presentations to non-technical stakeholders
- Some experience with applications and infrastructure services such as Windows Active Directory, UNIX/Linux, Red Hat, or DB2/Oracle databases
Professional certifications or training related to technology or risk management (for example, CISM, CISA, CRISC, CISSP, ISO 27001 Lead Implementer, ITIL, COBIT).
We offer:
We will ensure that exact salary offered for you will be based on your qualifications, competencies, professional experience and requirements for the corresponding job function (salary range from 2640 EUR to 3960 EUR gross EUR/monthly).
Your title in job contract will be Officer - Business Risk & Controls (Officer, IT Risk and Controls).
