IT Risk Manager (f/m/d)

Date: 15 Sep 2023

Location: Prague, CZ

Company: Deutsche Börse Group

Area of work:


We are seeking an experienced Internal Controls System IT Risk Manager to join our organization. This position will be responsible for analyzing, designing, implementing, and monitoring internal control systems within the IT product lines. The candidate should have a strong background in internal controls, the ability to interpret regulatory requirements, and preferably experience in the financial industry. Additionally, the candidate should possess strong analytical and communication skills to effectively measure control effectiveness using key performance indicators (KPIs).


Your responsibilities:


  • Analyze the existing internal control system and processes within the IT product lines to identify potential risks and weaknesses
  • Collaborate with cross-functional teams to design and support the implementation of effective control procedures and mechanisms to mitigate identified risks
  • Design KPIs for control effectiveness measurement
  • Regularly monitor and evaluate the effectiveness of implemented internal controls through the collection and analysis of KPIs
  • Identify control gaps and weaknesses and guide the IT team in implementing remediation plans
  • Provide guidance and support to IT teams regarding internal control best practices
  • Collaborate with auditors and regulators during compliance audits and examinations
  • Support the maintenance and execution of IT Risk Management processes (risk identification, assessment, mitigation, reporting)


Your profile:


  • Minimum of 3 years' working experience in the IT area, including knowledge of IT processes and controls
  • Ability to measure control effectiveness using KPIs and develop meaningful insights from data analysis
  • Experience in control design and implementation, including risk assessment, control documentation, and control testing
  • Know-how of legal and regulatory documents related to IT requirements in the financial industry, for example EBA Guidelines, MaRisk, BAIT, CSSF Circulars
  • Knowledge of IT frameworks and standards (e.g., COBIT, ISO standards) or related certifications such as CISA, CRISC, CISSP, ITIL, COBIT will be beneficial
  • Analytical skills and experience to understand, structure and prepare/explain complex topics
  • Proactive approach and ability to complete tasks in a timely and accurate manner
  • Experience with GRC tools will be beneficial