Search

Governance, Risk and Compliance Analyst

companyION Group
locationTurin, Metropolitan City of Turin, Italy
PublishedPublished: Published 1 month ago
Compliance Management Systems / Technology
Role Description

• Support and advise on management of information security and associated controls;

• Support and advise on management of risk and provide a transparent view of risk posture to stakeholders;

• Support and advise on compliance with relevant control standards, regulation and audit requirements;

• Responsible for the oversight and monitoring of risk in line with the ISMS;

• Collaborates with security and audit teams to ensure controls are operating in line with policies.

Key Tasks

As part of the Governance, Risk and Compliance Team within ION Markets, the resource will deal with the following activities:

• Document and monitor risk and control environment to identify existing and emerging risks and issues;

• Evaluate and document issues related to changes in the risk environment and risk priorities;

• Identify and aggregate thematic risk related to findings and trends, e.g. regulatory preparedness, thematic concerns;

• Engage Internal Audit to discuss risk posture and audit inputs;

• Communicate heightened risk that is relevant to stakeholders and customers to ensure transparency and appropriate prioritization for remediation;

• Understand legal and regulatory obligations relevant to the product and how the processes and associated controls provide evidence of compliance;

• Partner with business stakeholders to respond to customers, external audit and regulatory requests for information;

• Educate and advise on security policy, standards and procedures;

• Manage and maintain external certification activities.

Required Skills, Qualifications, and Experience

Knowledge of:

• Working within the technical financial services industry, or other highly regulated industries

• Information security management, governance, and compliance principles, practices, laws, rules and regulations, e.g. NIST, ISO, NIS, DORA and GDPR;

• Information technology systems and processes, network infrastructure, data architecture, data processes and protocols;

• Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration, e.g. CIS, CSF;

• Information systems auditing, monitoring, controlling, and assessment process;

• Incident response management, e.g. ITIL;

• Risk assessment and management methodology, e.g., NIST, ISO 27005;

• Security training techniques and reporting activities.

Skills in:

• Developing and implementing enterprise governance, risk, and compliance strategy and solutions;

• Researching and understanding security information related to internal and external organizations using online and other sources;

• Management of technology vulnerability and threat information;

• Security project management and planning;

• Risk management, information security and audit management lifecycles

Ability to:

• Effectively communicate technical issues to diverse audiences, both in writing and verbally;

• Apply a risk-based approach to planning, executing, and reporting on audit engagements and auditing process;

• Evaluate and update and/or revise programme materials;

• Handle sensitive and confidential matters, situations, and data;

• Understand and follow broad and complex instructions;

• Comprehend technical language and to confer, analyse and write in an objective, lucid manner;

• Work independently and prioritize multiple tasks and adapt to needed changes;

• Remain calm under high pressure/difficult situations.

Preferred Certifications:

• CISM;

• CISA;

• CRISC;

• CISSP.

About Us:

We're a diverse group of visionary innovators who provide trading and workflow automation software, high-value analytics, and strategic consulting to corporations, central banks, financial institutions, and governments. Founded in 1999, we've achieved tremendous growth by bringing together some of the best and most successful financial technology companies in the world.

• Over 2,000 of the world's leading corporations, including 50% of the Fortune 500 and 30% of the world's central banks, trust ION solutions to manage their cash, in-house banking, commodity supply chain, trading and risk.

• Over 800 of the world's leading banks and broker-dealers use our electronic trading platforms to operate the world's financial market infrastructure.

ION is a rapidly expanding and dynamic group with 13,000 employees and offices in more than 40 cities around the globe.

Our ever-expanding global footprint, cutting edge products, and over 40,000 customers worldwide provide an unparalleled career experience for those who share our vision.

ION is committed to maintaining a supportive and inclusive environment for people with diverse backgrounds and experiences. We respect the varied identities, abilities, cultures, and traditions of the individuals who comprise our organization and recognize the value that different backgrounds and points of view bring to our business.

ION adheres to an equal employment opportunity policy that prohibits discriminatory practices or harassment against applicants or employees based on any legally impermissible factor.

Important notes:

According to the Italian Law (L.68/99) please note that candidates from the disability list will be given priority.

Due to the high volume of applications, only those candidates that meet the required criteria for selection will be contacted.

Please do not apply if you don't currently have the legal right to work in Italy, or if that right is just about to expire, or if that right has restrictions imposed which would prevent you from undertaking a full-time employment contract.