IT Risk Manager

What Awaits You

• Responsible for the process quality (traceability and completeness) and the continuous improvement Ensure process quality, including traceability, completeness, and continuous improvement
• Provide expert advisory on IT risk management processes and methodologies
• Advisory function regarding the process and methodology
• Responsible for steering the IT governance pillars and the risk management functions in the business units Oversee IT governance pillars and risk management functions within business units
• Responsible for managing FG risk reduction target Manage FG IT risk reduction targets and ensure compliance
• Network partner for BMW Group risk management (incl. reporting, audits) Act as a key liaison for BMW Group risk management, including reporting, audits, and governance oversight
• Support products and domains with the documentation of IT risks in eGRC
• Provide Methodical support in the quantitative evaluation of IT risks
• Ensure the accuracy, completeness, and consistency of IT risks reported in eGRC
• Completeness and correctness of the recorded data
• Plausibility and traceability of the risk assessment and the documented risk mitigating measures
• Escalate issues in case of non-compliance with processes or missed deadlines
• Responsible for creating standardized reports (IT central, business units, regulated areas e.g. SF/AL)
• Responsible for forecasting the target achievement for IT risk reduction in the FG (Financial groups) main department
• Escalation in case of non-adherence to the process deadlines

What Should You Bring Along

• University Degree in Cybersecurity, Risk Management, Finance, Business Administration or a related field
• Minimum 5-7 years of experience in IT risk management, IT governance, or a similar role
• Strong knowledge of cybersecurity and risk management frameworks
• Ability to analyze and assess risks with strong problem-solving and decision-making skills
• Strong communication skills in collaboration with IT teams, executives and stakeholders
• Ability to inspire and motivate teams to achieve risk management goals
• Capacity to manage IT risk initiatives and security improvements projects
• Strategic thinking in aligning IT risk management with business goals
• Knowledge and understanding of emerging cyber threats and vulnerabilities
• Familiarity with compliance standards (e.g., ISO 27001, NIST, COBIT, GDPR, PCI-DSS)
• Ability to develop and implement policies, controls, and procedures to reduce IT risks.
• CISSP, CISM, CRISC, CISA, ISO27001, CompTia Security certifications are highly desirable
• Excellent English verbal and written skills
• German communication skills will be a plus

What do we offer?

• Challenging projects with which we are shaping the mobility of tomorrow
• Great team spirit within an international team
• State-of-the-art global IT landscape and processes
• 100% implementation of the Agile Working Model methodology
• Wide range of personal & professional development opportunities
• High level of job security
• Work-Life-Balance and flexible working hours
• Attractive and performance-related remuneration
• Dynamic and highly-motivating work environment

At BMW TechWorks Romania, we view diversity and inclusion in all its forms as a cornerstone of our team's strength. Equal opportunities are a priority, and fair treatment of all applicants and employees is a fundamental principal of our corporate policy. Our recruitment decisions ensure a balanced and inclusive approach, valuing our people's different personalities and skills, experience and viewpoints, regardless of sexual orientation, national origin or citizenship, gender identity, age, race, color, ethnicity, religion, or disability.