Lead IT Risk Manager
Upvest, Fintech
Work from any of our hubs in Berlin, London or Tallinn hybrid or remotely across Europe
Full-Time
Lead
Salary not disclosed
Job Details
- Languages: English
- Experience: 5+ years
- Required Skills: Risk Management
Requirements
- University degree in Computer Science, Information Technology, Information Security, or equivalent.
- Minimum 5+ years of professional experience in IT Governance, Risk, Compliance, and Security (IT GRC).
- Experience working within a regulated financial institution, bank, fintech, or fast-scaling B2B platform.
- Deep operational understanding of IT governance standards (e.g., ISO 27001).
- Strong knowledge of regulatory risk requirements (e.g., BaFin BAIT/MaRisk).
- Familiarity with modern resilience standards like DORA.
- Exceptional verbal and written articulation skills in English.
- Ability to engage credibly with technical engineering leads and C-level executives.
- Product engineering and security-focused mindset with commercial pragmatism.
- Ability to operate confidently under ambiguity.
Responsibilities
- Own and evolve the IT Risk and Business Continuity Management Framework within the second line.
- Provide independent second-line oversight and challenge to the first-line IT GRC team on control effectiveness.
- Lead IT risk identification, assessment, and mitigation across cyber, technology resilience, third-party, and data security.
- Define baseline controls and perform ISMS maturity assessments against ISO/IEC 27001:2022.
- Drive second-line assurance reviews and support internal/external IT audits.
- Manage regulatory obligations including DORA, BaFin, EBA, and ESMA compliance.
- Report IT risk posture and material events to senior stakeholders and the C-suite.