BaaS IT Risk Owner

at  Aion Bank

WHAT WE DO?

Aion Bank is a fully regulated European bank and credit institution that combines Vodeno’s proprietary, private blockchain-based platform with its ECB banking license, balance sheet and regulatory and compliance expertise to offer a comprehensive suite of embedded banking products.
Aion has a track record of delivering fully compliant embedded banking solutions to retailers, eCom/marketplaces, banks/neobanks and fintechs, creating a better customer experience that drives conversion, increases engagement and fosters loyalty.
Aion Bank is currently active in Belgium, Germany, Poland and Sweden, including a retail business in both Belgium and Poland.
Our biggest strength is our people - a group of highly intelligent, creative, result-driven and ambitious individuals who always rise to the challenge. Together, we create a positive, energetic and fast-paced work environment. We stay professional in getting things done, but remember not to leave our passion and fun behind.
We are currently looking for a BaaS IT Risk Owner ready to join our adventure and share our ambition.

SKILLS YOU SHOULD HAVE

• Minimum of 3-5 years of experience in ICT risk, Data Protection and Resilience management, preferably within a financial institution.
• Over 3 years of experience in a role involving supply chain management or outsourcing, third party risk management, preferably in the financial sector.
• Strong understanding of information security principles, standards, and best practices for outsourcing areas.
• Excellent analytical, problem-solving, and decision-making skills
• Strong communication and interpersonal skills, with the ability to effectively communicate complex risk concepts to non-technical stakeholders
• Ability to work independently and as part of a team in a fast-paced environment
• Fluency in Polish and English

ABOUT US

Read more about what we do on our website

WHAT YOU WILL BE DOING?

We are seeking a highly skilled and experienced BaaS IT Risk Officer to join our dynamic team in a leading financial institution.As part of the second line of defence, you will play a crucial role in ensuring the organisation’s information assets are adequately protected against risks. You will be responsible for overseeing the identification, assessment, and management of Banking as a Service (BaaS) Partners risks, as well as providing expert guidance and support to the business. This includes overseeing all documentation related to BaaS Partners, exit plans and implementing tools for client lifecycle management.

YOUR RESPONSIBILITIES:

• Risk Identification, analyse, assess and develop strategies to mitigate any identified risk in the BaaS Partners area.
• Develop and implement outsourcing risk mitigation strategies and controls to minimise the likelihood and impact of identified risks.
• Perform constant reviews to understand and align company’s operational needs with the requirements in managing customer’s requirement,
• Manage exposures, legal, and regulatory requirements within BaaS agreements.
• Ensure 3rd Party agreements comply with global and local Corporate Rules, security regulations and legal terms.
• Collaborate closely with Product Architects to assess and effectively implement business requirements.
• Conduct due diligence and audits of BaaS partners.
• Provide support to the 1LoD in meetings and developing documentation related to BaaS Partners.
• Analyse and make suggestions for improvement of overall BaaS strategy.
• Identify, evaluate, and document information risks associated with the BaaS processes, systems, and technology.
• Assess and manage risks related to third-party partners, including BaaS.
• Conduct assessments and due diligence checks of suppliers and third-party partners including BaaS, advising management on risk mitigation.
• Develop and maintain outsourcing policies and standards.
• Work with the first line of defence to develop action plans to mitigate identified risks.
• Prepare regular reports to senior management on the status of BaaS Partners activities, risk, compliance and performance metrics.
• Ensuring regulatory compliance - EBA guidelines on outsourcing arrangements and DORA.