ICT Risk Manager

ICT Risk Manager

We are SIBS Romania. We operate in the area of financial services for banking and retail and we are passionate about simplifying daily life by innovating financial technology.

We believe that teamwork is a key element in achieving success, and we are proud to work with talented, persevering people who are not afraid to express their most creative ideas. We make a priority to ensure a workplace that drives, engages and retains them.

What makes SIBS a Great place to work?

Here are a few highlights:

• The
  team:
  you'll work with team players that are smart & friendly and that really care about the work they do, and there are plenty of happy hours and team building events to connect outside work;
• The
  growth and innovation
  : as part of a growing team, you'll have lots of opportunities for career development and be exposed to the latest technologies due to our focus on innovation on the exciting and fast growing payments industry;
• The
  benefits
  : you'll have access to a generous benefits package, like access to Bookster library, a top health insurance and competitive salaries with performance rewards.

Key Responsabilities:

• Develop and maintain the ICT risk management framework in accordance with applicable regulations (e.g. DORA) and group requirements
• Identify, assess, monitor, and mitigate ICT risks across all business units, systems, and third-party providers
• Coordinate ICT incident response, crisis management, and post-incident reviews
• Oversee ICT risk assessments, scenario analysis, and resilience testing (including threat-led penetration testing where applicable)
• Oversee third-party ICT risk management, including contract reviews, SLAs, and audit rights
• Ensure compliance with regulatory requirements and prepare reports for senior management and authorities
• Collaborate with internal teams (IT, Legal, Compliance, Audit) and other stakeholders to ensure cross-functional alignment
• Monitor emerging ICT risks, cyber threats, and regulatory developments
• Support internal and external audits related to ICT risk and digital operational resilience
• Responsible for the entire Risk Management and Internal Control System, ensuring: effective risk management within your company by identifying, analyzing, evaluating, and monitoring, directly or with the support of Risk Owners
• Continuously monitor the risks under responsibility, immediately reporting events that exceed defined tolerance limits
• Propose appropriate corrective measures to mitigate significant or materialized risks
• Designate and support Risk Owners, ensuring the implementation and testing of corrective measures and evaluating their effectiveness
• Ensure that new services or processes integrate appropriate risk controls before their launch
• Contact point with regulators (BNR, DNSC); and collaborate with the SIBS Group's Corporate Risk Management in analyzing and presenting relevant risks to the Risk Committee.

Qualifications & Skills:

• Bachelor's or Master's degree in Information Security, Risk Management, Computer Science, or a related field
• Minimum 5 years of experience in ICT risk management, IT audit, cybersecurity, or a related discipline, preferably within the financial sector
• Strong knowledge of ICT risk management frameworks, methodologies, and regulatory requirements (DORA, NIS2, ISO 27001, etc.)
• Experience with incident management, business continuity, and disaster recovery planning.

Skills & Competencies

• Strong analytical and problem-solving skills
• Excellent communication and stakeholder management abilities
• Project management and organizational skills
• Strong documentation and reporting capabilities
• Fluency in English and Romanian (additional languages are a plus)
• Understanding of ICT systems, networks, and security controls
• Ability to interpret and apply regulatory requirements to business processes.

Preferred Certifications

• ISO 27001 Lead Implementer or Auditor