IT Analyst Governance and Risk

• Develop and maintain internal control testing procedures and documentation to evaluate control performance and ensure compliance
• Update internal IT control matrices in response to changes in the IT environment or regulatory requirements
• Assess IT risks across systems, applications, and processes, identifying vulnerabilities and recommending mitigation strategies
• Conduct internal assessments of IT systems, applications, platforms, and operational processes to ensure compliance with internal and external standards
• Identify control deficiencies, discuss findings with line management, and initiate control matter recommendations in assigned test areas
• Define and manage a control monitoring program to continuously assess and measure the application of controls across the IT environment
• Collaborate with control owners to create risk remediation plans and ensure the effective implementation of changes
• Coordinate external audit activities with internal resources to ensure timely and successful completion of audits
• Lead IT control education, awareness, and training programs for end users
• Identify opportunities to automate testing or create continuous monitoring processes

• 3+ years of hands-on experience in security controls assessment, IT risk management, and compliance management
• Experience in coordinating external audit activities by acting as a liaison between external auditors and internal control owners to ensure timely communication and resolution of audit requests
• Familiarity with security frameworks, such as NIST CSF and ISO27001
• Highly collaborative with the ability to articulate ideas and influence peers and senior leadership
• Strong working knowledge and understanding of key concepts in risk management, cybersecurity, compliance, and/or audit
• Proven ability to assess IT risks, design and test IT controls, and ensure regulatory compliance
• Strong written, oral communication, and presentation skills
• Capable of working independently and taking ownership of projects
• Strong analytical and critical thinking skills with experience in making data-driven decisions
• High level of professionalism, integrity, and ethics
• Bachelor’s degree in Information Technology, Cybersecurity, or a related field (or equivalent experience)

Certifications such as CISSP, CISA, or CRISC are preferred but not required, as they demonstrate expertise in managing security risks, controls, and compliance in a complex IT environment

• Annual bonus
• Private medical care
• Possibility for author's tax deduction
• Cafeteria Platform/Multisport
• English lessons subsidized by the company
• Group insurance
• Attractive discounts for products and services at our stations
• Employee stock purchase plan
• Employee Assistance Program (Lyra)
• Modern and convenient office
• Trainings & possibility to develop skills in a wide international environment