ICT Risk Management Expert

ProCredit Bank Bulgaria is part of the international ProCredit group, which is headquartered in Frankfurt, Germany. We are a flexible and innovative bank. We are pioneers in the modern and pragmatic banking solutions, personally tested by us, that have positive impact for our customers. We are constantly optimizing our processes, improving the customer experience every day. We stand out with convenient and fast digital banking, clear and transparent conditions, high quality of service. For us, the topic of environmental protection, social responsibility and people’s education is not a trend, but a permanent attitude. We believe that people are the engine of change and the instigator of innovation.

ProCredit Bank Bulgaria is the first one that:

• Implemented 24/7 time zones with all types of machines that provide full self service to its clients
• Provides to its clients Internet banking, designed and developed entirely in-house by the bank’s IT team. 100% of its business clients use this digital channel for their banking business
• Realized digital processes for personal identification, opening bank account and loan disbursement of private individuals
• Have a specific and individual approach to financing green investments with great impact on nature
• Sets a significant budget for the professional trainings of its employees
• Have unique office design and working surrounding

Why to choose ProCredit ICT Risk Management team:

• Our infrastructure is based on leading solutions and vendors
• We work according to an Agile methodology (SAFe), implemented in self-organizing teams of up to 10 people
• The projects are diverse and allow you to show creativity and individual approach to the development
• The team of young and enthusiastic people is strongly supported by mentors experienced in various fields of IT
• The day-to-day work is organized very similar to that in an IT company
• We provide yearly trainings related to the latest technologies
• To ensure a high level of quality of our digital products, we use the latest development technologies

We are currently seeking a qualified candidate for the position of ICT Risk Management Expert

Key responsibilities:

• Introduce the requirements of the Group Policies related to Information Security and ICT Risks and monitors their implementation;
• Ensure the control of ICT processes as a second line of defence;
• Ensure compliance between Group requirements and national legislation and regulations on Information Security and ICT Risks
• Work closely with all departments to identify, assess, and mitigate ICT-related risks, and ensure compliance with regulatory requirements, financial industry standards and DORA (Digital Operational Resilience Act)
• Stay ahead of the Digital Operational Resilience Act (DORA) regulations, ensuring the company meets all requirements and implements necessary adjustments.
• Address and oversee non-financial risk categories related to ICT operations, providing guidance and solutions to mitigate impact.
• Access right management Checks and coordination of annual review;
• Perform ICT system risk assessment of new projects;
• Report Risk related incidents internally and to regulation authority;
• Prepare and update the Business Continuity Plan and resulting procedures with focus on ICT part;
• Coordinate and participate in tests of Business and IT continuity plans;
• Participate on Information Security training for employees;
• Participate in working groups related to information security and risk.

Requirements:

• 2+ years of experience at positions, related to the Information Security, IT Security or IT Risk Management;
• Knowledge of IT infrastructure (servers, network and storage) and operating systems is an advantage;
• ISO 27001, CISM, CISA and CRISC certification would be considered as an advantage;
• Good communication skills and team working ability;
• Fluency in English;
• Time management and prioritization skills.

Our offer:

• Working in a dynamic international environment
• Professional growth in a motivated team
• Training opportunities and established rules and procedures at work
• Flexible working time and home office option
• Social benefits: 25 days paid annual leave, additional health insurance, Multisport card, transportation cost amount, additional amount for summer vacation and heating season, preferential conditions for products and services in the bank; preferential fees for education at Denis Diderot School – the private school of the bank.

Only short-listed candidates (selected on submitted CV) will be invited to the upcoming stages of the selection process.

Your application will be treated with strict confidentiality and in compliance with the legal requirements for personal data protection.