Project Manager overseeing Enterprise Security Compliance initiatives at MTM. Managing compliance and security activities, ensuring project completion within budget and scope.
About the role
- ICT & Security Risk Manager at BCR driving ICT risk management and team collaboration with Technology & Security teams. Executing enterprise-wide risk assessments and ensuring effective reporting and compliance.
Responsibilities
- Drive the execution of the ICT risk management framework;
- Provide constructive challenge to Technology & Security teams;
- Ensure risks are monitored and reported effectively;
- Maintain and enhance the ICT & Security Risk Policy, procedures, and assessment methodology;
- Execute and coordinate enterprise-wide ICT risk assessments and targeted thematic reviews;
- Assess security findings and control weaknesses, validate risk severity, and ensure structured, risk-based remediation tracking;
- Provide effective 2nd line challenge to 1st line risk assessments; deliver pragmatic and actionable recommendations;
- Own and improve the ICT/Cyber risk register;
- Monitor risk treatment plans and mitigation effectiveness;
- Support NFR/Risk Acceptance governance;
- Build and maintain a meaningful KRI framework;
- Analyze trends across incidents, downtime, vulnerabilities, audit findings for forward-looking risk insights;
- Contribute to severe-but-plausible scenario analysis and resilience assessments;
- Lead the ICT change risk component by assessing high-risk changes.
Requirements
- 4+ years of experience in ICT/cyber risk, tech audit/controls, security governance, or operational risk with strong IT exposure;
- Hands-on experience performing risk assessments, control evaluation, and preparing management-level risk reporting;
- Good understanding of regulatory expectations and industry best practices (DORA, NIST CSF, ISO 27001/27002, COBIT, ITIL);
- Strong analytical mindset and the ability to translate technical vulnerabilities into clear business risk implications;
- Confidence to act as a constructive challenger when working with senior technical stakeholders;
- High standards for documentation and evidence-based writing, delivering audit-ready outputs;
- Comfortable working with KRIs, thresholds, and trend analysis;
- Integrity, independence, and sound professional judgment in risk-based decision making;
- Certifications such as CISM, CISSP, CRISC, CISA, ISO 27001 LA/LI, ITIL, COBIT are an advantage;
- Exposure to third-party ICT risk, cloud risk governance, scenario analysis or operational resilience exercises is considered a plus.
Benefits
- Monthly budget for flexible benefits through the Benefit Online platform;
- Performance-based bonus;
- Banking facilities, benefits for private pension and discounts on insurance policies;
- Gifts for special occasions;
- Private medical services for you and your family;
- Hybrid and flexible work schedule;
- Up to 27 vacation days depending on your professional experience;
- Extra 7 days off per year if you have used up your vacation days;
- One day off for your birthday;
- Wellbeing, personal and professional development programs, and platforms that allow you to learn anytime, anywhere, and from any device;
- Subscription to Bookster.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Cyber security leader driving advanced analytics and fraud prevention strategies at Sun Life. Establishing operational models and analytics capabilities for proactive risk mitigation and incident response.
Senior Manager of Cloud Network Engineering & Security leading enterprise - wide network evolution. Hands - on technical leadership focusing on cloud networking in AWS and Azure from Dallas headquarters.
Light Maintenance Security Officer handling routine maintenance tasks and event setups for Ohio Support Services. Assisting building engineers and ensuring facility operations meet standards.
IT Intern at AVIXA supporting cybersecurity, networking, and user support for a non - profit. Engaging in hands - on experience while working closely with the IT team during summer.
Security Specialist evaluating and mitigating risks for PNC's cybersecurity posture. Collaborating on security policies and procedures to enhance compliance and safeguard information.
Security Officer ensuring safety and security of staff, patients, and visitors at Kent Hospital in Warwick, RI. Involves monitoring premises and enforcing policies and procedures.
Technical Specialist in Cybersecurity managing endpoint protection, email filtering, and workload security. Collaborating with SOC teams and presenting findings effectively.
Technical Lead in Cybersecurity focusing on threat monitoring and vulnerability assessments for the company. Collaborate with analysts and stakeholders to enhance cybersecurity measures.
Facility Security Officer managing Industrial Security at Curtiss - Wright. Overseeing physical, personnel, and information security while ensuring compliance with government regulations.