Hiring.Camp

IT Risk & Compliance Officer for Cloud

Urban Connect

·

4 days ago

Location
Bucharest
Workplace
Hybrid
Type
Full-time
Department
IT
Experience
5+ years
Closing date
Today
Source
CareersPage

Description

Job Location: hybrid in Bucharest

Recruitment process:

  • HR screening
  • Technical Interview
  • Cultural discusion

Role description:

This role requires close collaboration with platform owners and development teams to build a strong high-level understanding of risk, while also being able to zoom in and out of the details to ensure a clear understanding of the solution design and to design effective controls.

Job Responsibilities:

  • Provide cybersecurity, IT risk, and regulatory compliance advice to platform owners, development teams, and business functions, in line with internal policies and standards such as NIST, SOX, PCI-DSS, and other relevant best practices, to support secure and compliant cloud adoption.
  • Bridge the gap between technical and audit teams by working with platform and development teams to translate complex technology or application stacks into risk-based language for Internal and External Audits.
  • Perform IT risk assessments for new platforms and significant platform changes, using the organization's risk and control framework, to identify key risks, assess control effectiveness, and recommend appropriate remediation actions.
  • Advise stakeholders on the design of sustainable, proportionate, and scalable controls, including cloud control requirements for identity and access management, logging, encryption, network security, and configuration governance, to strengthen risk management and compliance.
  • Develop and enhance cloud guardrails, standards, and control requirements, in line with internal governance and regulatory expectations, to support secure onboarding and consistent use of cloud services across platforms.
  • Drive continuous improvement and harmonization of cloud controls across platforms, following internal control standards and compliance requirements, to simplify compliance and improve control consistency.
  • Coordinate with Security, Risk and Controls, Internal Audit, External Audit, Business Continuity, IT Disaster Recovery, and Service Continuity teams, and support audit evidence requests as needed, to ensure effective risk oversight and timely audit support.

Required qualifications:

  • Preferred: 5+ years of experience gained within IT risk, compliance, internal controls or audit within a highly regulated industry.
  • Minimum: 3 years of experience gained within IT risk, compliance, internal controls or audit within a highly regulated industry.

Technical skills:

  • Strong expertise in business analysis, auditing, corporate governance, risk management or internal controls.
  • Ability to assess risks, evaluate controls, and provide practical, proportionate recommendations to both technical and non-technical stakeholders.
  • Basic technical understanding of internal control requirements and design and experience in applying them in various businesses.
  • Ability to translate complex technology and application stacks into risk-based language for Internal and External Audits.
  • Good technical expertise in Cloud Security and Compliance (AWS – strongly preferred, GCP, Azure, etc.) and DevOps domain.
  • Knowledge of cloud risk and control domains, including identity and access management, logging and monitoring, encryption, network security, and configuration governance.
  • Familiarity/experience working with a wide range of technologies (internally developed applications, Windows, Linux, Databases, Gitlab, etc.) from a risk and security perspective.

Soft skills:

  • Strong stakeholder management and communication skills, with the ability to collaborate effectively across technology, risk, audit, and business teams.
  • Ability to build solid relationships with business partners to drive the adoption of the risk management culture.
  • Ability to break down complex tasks into logical, manageable, and well-defined actions, ensuring effective execution and timely delivery.
  • Ability to adapt quickly to change and demonstrate flexibility and agility in response to evolving business priorities, stakeholder expectations, and the client's regulatory or operating environment.
  • Proven ability to work autonomously while remaining a collaborative and effective team player.

Desired qualifications (Nice to have):

  • Cloud certifications are an advantage for this position. Relevant certifications include AWS certifications, ISC2 certifications such as CCSP, and the Certificate of Cloud Security Knowledge (CCSK) issued by CSA.

Work conditions:

Working hours: 9:00-18:00
Working setup (hybrid, on site, remote): hybrid way of working with an onsite presence of 2 days/week.

Skills

AWSAzureGCPLinuxGitLabCybersecurityDevOpsSOXRisk ManagementCompliance

Similar Jobs

30

Sr. Lead, IT Risk and Controls – KRI Development, Metrics & Automation

NT Careers · Chicago, IL, United States of America · Hybrid

2 days ago

Senior Analyst, IT Risk Analytics & Reporting (Global Security)

Rbc · 16 YORK ST:TORONTO, Canada

2 days ago

Senior IT Risk Analyst

Wintrust · Rosemont - WTFC - 9801 W Higgins Rd. (0444), United States of America · Hybrid

2 days ago

Senior IT Risk & Compliance Analyst

Rbc · RBC WATERPARK PLACE, 88 QUEENS QUAY W:TORONTO, Canada

2 days ago

IT Risk Officer, Sr

Old National Bank · Lake Elmo, MN, US

3 days ago

IT Risk & Compliance Analyst

Trinity Church NYC · New York, NY

3 days ago

Sr IT Risk Manager - Risk Portfolio

earlywarningservices · San Francisco, United States of America · Hybrid

4 days ago

Senior Director, Vendor IT Risk Management (Global Security)

Rbc · 16 YORK ST:TORONTO, Canada

6 days ago

IT Risk Director, Technology Risk Management Resiliency & Business Continuity

Huntington · One South Charlotte Nc, United States of America +5 · Onsite

6 days ago

Principal/Senior IT Risk Analyst

Berkshire Hathaway Specialty Insurance · Boston, MA

1 week ago

IT Risk Administrator - Hybrid

Revera · Support Office - Ontario, Canada · Remote, Hybrid

1 week ago

IT Risk Technical Lead

Freddiemac · Headquarters 1, United States of America

1 week ago

IT Risk Senior

Freddiemac · Headquarters 1, United States of America

1 week ago

Principal IT Risk Management Analyst

Strayer · Remote, United States of America · Remote

1 week ago

Senior IT Risk Manager (m/w/d)

Creditplus · Stuttgart, Baden-Württemberg

1 week ago

Senior Manager, IT Risk & Control , Wealth Management Europe (London)

Rbc · 10 FENCHURCH AVENUE:LONDON, United Kingdom

1 week ago

IT Risk & Compliance Analyst

Watts Water · No. Andover, MA Chestnut St., United States of America · Remote

1 week ago

IT Risk, Regulatory & Control Lead - VP

Db · Mumbai Nirlon Knowledge Pk B1, India

1 week ago

Manager, IT Risk and Controls

Openai · San Francisco · Hybrid

1 week ago

Lead, IT Risk

Gemini · New York, New York

1 week ago

Auditor, IT Risk and Compliance - Corporate Information Systems Group

Canadian Bank Note Company · Ottawa, ON, Canada · Remote

1 week ago

Senior Manager, Operational Risk / IT Risk and Compliance

Rbc · 180 WELLINGTON ST W:TORONTO, Canada

1 week ago

Associate - IT Risk Services

Pwc · Hanoi, Vietnam

1 week ago

(1712) Senior I&T Risk Analyst – Business Resilience - BSTD

South African Reserve Bank · Pretoria, South Africa, ZA · Onsite

2 weeks ago

Senior IT Risk Analyst

Bristolmyerssquibb · Hyderabad, India

2 weeks ago

Senior IT Risk Analyst

Bristol Myers Squibb · Hyderabad, TS,IN, IN

2 weeks ago

Senior Manager, IT Risk, Data Privacy & Security

EisnerAmper is one of the · Baton Rouge, United States of America

2 weeks ago

IT Risk Senior Specialist

Nubank · Mexico, Mexico City +1

2 weeks ago

SSBI IT Governance, IT Risk and IT Outsourcing Vice President

Statestreet · Gdansk, Poland +1

2 weeks ago

Manager - IT Risk Management

Mmc · Pune - Panchshil, India · Hybrid

2 weeks ago