Descriptif de la mission :

Within Group IT Department, and under the responsibility of the Head of governance, the contractor will have to manage the following activities:
Participate in the deployment of the IIRM process (COBIT 5)
Coordinate and manage relationship with internal and external stakeholders (Risk, internal audit, statutory auditors, regulators …)
Follow-up on the recommendations and action plan associated to different control campaigns
Deploy B.A Scoping in Archer to derive criticality
Identify the CIA value and the controls to be applied (TMC)
Deploy COBIT Fit-gap controls covering following areas (not limited):
IT Operations: Ensure m. of IT Assets, Ensure m. of Changes, Ensure m. of Problems, Ensure m. of IT Backup Policy, Ensure m. of Incidents, Ensure m. of Configurations, Ensure m. of Service Requests
Governance, risk & compliance: Manage Enterprise Architecture, Manage Information Risks, Manage Controls, Manage Compliance, Monitor IT Budget, Ensure m. of Providers, Ensure m. of Solution Identification & Build
Open the B.A to the FitGap tool and link it (with Tech corresponding control)
Manually verify each evidences provided and indicate whether it is ToD/ ToE and indicate the result of testing
Challenge Tech control campaign results
Evidence collection and control deployment for Tech deficient controls (re-test)
Open Archer risk, and request BO Validation.
Based on the decision made, track the implementation of the mitigation measures or track the risk acceptance expiration date.
Contribute to the production of the different regulatory reporting for (NBB) (Finma, Bafin, ACPR..)
Provide support to operational teams and owners of object at risks
Participate in the production of solvency 2 reportings
Ad-hoc requests: Ability to produce deliverables on short notice (Fit-gap scope overview, Ad-hoc reports on related to controls campaigns, ITSB one pagers, DRRC one pagers…)
Able to manage SPO-DMS for IT & IT Governance team
Ability to analyze & deploy CUEC controls based on ISAE Reports

Experienced in addressing IT/IS Risk-related topics, with a strong preference for familiarity with the COBIT Framework.
Proven ability to manage multiple tasks simultaneously while adhering to defined deadlines.
Technical expertise: Advanced knowledge of audit and internal control methodologies, with proficiency in frameworks such as COBIT, ITIL, and NIST.
Strong communication skills, capable of engaging effectively with stakeholders at various managerial levels.
Skilled in prioritizing tasks, managing complexity, and possessing a solid understanding of IT organizations and processes.
Highly analytical, detail-oriented, and well-organized, with a methodical approach to problem-solving.
Competent in delivering high-level summaries of control campaign results while also providing detailed insights when required.
Capable at explaining the root causes of findings to senior management in a clear and concise manner.
Proactive and solution-oriented approach, does not wait for instructions to act.
Fluent in English.

Environnement Technique

COBIT

IT Risk Management