IT Governance & Risk Officer at Inetum
Porto, , Portugal -
Full Time


Start Date

Immediate

Expiry Date

15 Sep, 26

Salary

0.0

Posted On

17 Jun, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

IT Governance, Risk Management, Cybersecurity Frameworks, DORA Compliance, ServiceNow, COBIT, COSO, ISO 31000, ITIL, NIST, IT Audit, Stakeholder Management, Reporting, Analytical Thinking, French Language, English Language

Industry

IT Services and IT Consulting

Description
Company Description Inetum is a global leader in IT services, dedicated to delivering innovative solutions to our clients. We are committed to fostering a dynamic and inclusive work environment that values diversity, where creativity and collaboration can thrive. We are present in 19 countries and have more than 28,000 employees worldwide. If you are looking for a dynamic, innovative, and technology-driven company, Inetum is the place for you! Come be part of Inetum! Job Description The IT Governance & Risk Officer is responsible for driving the implementation, monitoring, and continuous improvement of IT governance and risk management practices. This role ensures alignment with the group standards, regulatory requirements (including DORA), and local business needs, while strengthening the IT risk culture across the organization. Key Responsibilities: IT Governance Ensure the effective implementation and continuous improvement of IT governance frameworks. Deploy and adapt group IT governance standards (procedures, controls, and requirements) to the local context. Support IT teams and stakeholders in adopting governance practices, ensuring proper documentation and control effectiveness. Monitor compliance with IT governance requirements and track remediation actions. Contribute to the definition and enhancement of the IT management system. Maintain and update IT procedures in alignment with Group governance and regulatory expectations. IT Risk Management Deploy and promote IT risk management practices and risk awareness across the organization. Maintain the IT risk register, ensuring proper identification, assessment, mitigation, and reporting of risks (via ServiceNow). Conduct regular IT risk reviews and ensure risk documentation is up to date. Contribute to risk frameworks such as ORSA and RCSA from an IT perspective. Define and monitor relevant controls and Key Risk Indicators (KRIs). Oversee IT operational incidents and ensure proper reporting and follow-up. Lead IT control plan campaigns (methodology, coordination, validation of results, and reporting). Monitor IT audit activities and ensure implementation of recommendations. Maintain the inventory of Shadow IT. Governance, Reporting & Committees Prepare and deliver regular reports on IT risks and governance for local and group stakeholders. Organize and present the quarterly IT Risk & Cyber Committee (KPIs, audit recommendations, obsolescence, Shadow IT, incidents, outsourcing, etc.). Support the CIO in preparing IT Steering Committees. Coordinate with Corporate and Head Office teams on governance and risk-related topics. Manage and track remediation plans related to risks, audits, and non-compliance. Participate in internal governance forums (Cybersecurity, Obsolescence, Asset Committees, etc.). DORA Governance Support the deployment and monitoring of DORA (Digital Operational Resilience Act) requirements. Prepare and maintain DORA-related reporting at the local level. Review intragroup and third-party contracts, ensuring compliance with DORA requirements. Coordinate due diligence activities and governance processes with suppliers and group entities. Monitor DORA implementation progress and support steering committees. Contribute to supplier contractual reviews. Main Activities Maintain IT risk data and controls in ServiceNow. Manage GKSP BI control campaigns and track results. Monitor and report on action plans and governance indicators (KPIs). Coordinate cross-functional stakeholders to ensure compliance and governance maturity. Qualifications Strong knowledge of IT governance, risk management, and cybersecurity frameworks. Familiarity with standards and methodologies such as: COBIT, COSO, ISO 31000, ITIL, NIST, DORA. Experience in financial services, insurance, or regulated environments is preferred. Proficiency with tools such as ServiceNow and Microsoft Office Suite. Languages French: C1 (mandatory) English: C1 (strong advantage) Soft Skills Strong organizational and communication skills in multicultural environments. Ability to facilitate meetings and engage stakeholders at different levels. Detail-oriented with a commitment to high-quality deliverables and deadlines. Analytical mindset with strong problem-solving abilities. Proactive, structured, and results-driven approach. Other Requirements Willingness to travel within Portugal and internationally when required. Compliance & Ethics In this role, you will be exposed to compliance-related risks and are expected to actively contribute to protecting the Bank sector. Strict adherence to policies and regulatory requirements is essential, including: Financial Security & KYC Client Protection Market Integrity Professional Ethics Anti-Bribery & Corruption Banking and Fiscal Compliance Compliance is a core responsibility and a fundamental expectation for all employees.
Responsibilities
The role is responsible for implementing and monitoring IT governance and risk management practices to ensure alignment with group standards and regulatory requirements like DORA. Key duties include maintaining the IT risk register, leading control plan campaigns, and reporting on IT risks to stakeholders.
Loading...