ICT Risk Governance Specialist (f/m/d)

Your area of work

Clearstream is a large international financial institution offering post-trade infrastructure and securities services for the international and domestic markets worldwide. 
The ICT risk management control function plays a pivotal role in safeguarding our organization against technological and information security risks. We partner closely with product, technology, security, and risk teams to ensure the resilience of our systems and services. We actively manage technology risks, steer ICT risk governance and framework design, perform focused risk assurance, and enable compliance for legal entities, branches, and representative offices in scope with direct reporting line to the corresponding executive boards. 
The ideal candidate will have a deep understanding of technology and security frameworks, risk management practices, and regulations, also comfortable working cross functionally.
 

Your responsibilities

• Advising on the definition of the technology risk governance requirements to support the evolving product, technology, and regulatory landscape
• Establish sound ICT risk governance practices and monitor key performance-risk indicators to ensure effective management of material risks
• Contribute into the design of the technology risk management framework, ensuring alignment with business strategy, organizational risk appetite, and regulatory requirements
• Support the preparation and delivery of ICT risk reports to senior management
• Support, maintain, and consolidate ICT risk deliverables for regulatory compliance and internal/external audits
• Collaborate with product, technology, and security teams to enable controlled implementation of new products; Review and assess material changes including the appropriateness of risk control measures  
• Review, maintain, and regularly monitor relevant outsourcing/insourcing contracts
• Be the key contact for Clearstream's client due diligence activities related to technology and information security risks

Your profile

• University degree in Computer Science, Technology Risk, Cyber Security, or related field
• 5+ years of experience in technology governance, risk, and compliance
• Strong understanding of technology risk management principles and experience working on remediation programs
• Experience and analytical skills understanding, structuring, and explaining complex topics; end-to-end thinking required
• Can turn incomplete, unstructured, or ambiguous data points into structured outcomes and pragmatic action plans
• Experience working with technology regulations, international standards, or best practices
• Stakeholders’ management skills and capacity to manage priorities simultaneously
• High self-responsibility & ownership; result orientation and customer focus
• Proficiency in English, both written and spoken, is essential; German is considered an asset