Birbank is looking for a candidate to take on a key role in identifying, assessing, and monitoring IT risks. The position involves ensuring compliance with regulatory requirements, maintaining the IT risk register, preparing risk reports for senior management, and evaluating new initiatives and IT budgets from a risk perspective. Master’s degree in Computer Science, CIS, Engineering, Business Administration, Cybersecurity, or a related field;Minimum 5 years of experience in IT governance, information security governance, or related roles, preferably within the banking or financial services sector;Strong understanding of IT risk management frameworks and international standards such as ISO/IEC 27001, NIST CSF 2.0, COBIT, PCI DSS, or CMMC;Professional certifications such as CRISC, CISM, CISSP, CISA, or equivalent;Proven experience implementing and overseeing risk assessment processes, risk registers, and control assurance programs;Familiarity with regulatory expectations from bodies like Basel Committee, Central Bank, or other financial regulators;Excellent analytical, strategic, and problem-solving skills;Strong leadership capabilities and the ability to inspire and motivate teams;Effective communication skills, capable of engaging with both technical and non-technical stakeholders;Demonstrated ability to manage high-pressure situations and adapt to changing regulatory landscapes. Opportunities for professional growth and developmentCompetitive salary and bonusesComprehensive insurance coverageSupportive work environmentVisa Premium salary cardCorporate discounts and eventsAdditional vacation daysDiscounted education and employee loansNew cozy studio office in Port Baku Tower 2Strong teamwork with Agile principles, regular team buildings and themed eventsMulticultural environment with foreign colleagues sharing their best experiences Development of policies for the identification, assessment, and monitoring of IT risks;Risk-based evaluation of planned activities within the IT strategy;Scenario-based modeling of potential outcomes of technological risks (e.g., downtime, data loss, etc.);Registration, updating, and tracking of IT risks;Submission of quarterly reports on IT risks to senior management;Preliminary assessment of IT risks in new initiatives and changes;Approval of high-risk changes and incidents initiated by the IT functions;Monitoring compliance with relevant requirements of the Central Bank and other regulatory authorities;Identification and optimization of high-risk IT budget items;Measurement of performance indicators related to IT risk management.
