ICT Risk Manager
Building trusted markets —powered by our people.
At Cboe Europe, we inspire our people to solve complex challenges together because what we do matters. We provide the financial infrastructure that powers the global economy. As a leading provider of market infrastructure and tradable products, Cboe delivers cutting-edge trading, clearing and investment solutions to market participants around the world.
We’re building inclusive ways to support professional and personal development while strengthening the trust we’ve earned as a global market leader. Our teams are empowered to share ideas, actively pursue them and bring on a challenge. As champions of internal mobility and access to opportunity, we encourage our people to “go for it” and equip our managers with the training to coach their teams to the next level. Our Associate Resource Groups champion diversity, equity and inclusion, giving associates a safe space to network, share ideas and create opportunities.
Sound like the place for you? Join us!
The Risk Management and Information Security department is hiring an ICT Risk Manager (2LOD). The Operational Risk Management (ORM) team is part of the Risk Function and our second line of defence (2LoD) at Cboe and reports to the Risk Management and Information Security (RMIS) department which is led by the Group Chief Risk Officer.
The Risk Function is responsible for driving the culture of effective risk management and serves as a centralized point to facilitate risk management across the Company. With that responsibility, the Risk Function provides oversight, objectivity, and independence in the review of the key business initiatives and risk assessment of these initiatives to the enterprise as a whole. The role of the Risk Function is to be an independent and effective challenge with respect to the Company’s risks and the business efforts in mitigating identified risks.
The Information and Communications Technology (ICT) Risk Manager at Cboe will be responsible for supporting ORM as part of RMIS, leading on the development and implementation of our ICT risk management framework in preparation for compliance with the Digital Operational Resilience Act (DORA).
As part of the 2LoD for ICT risks and more broadly, ORM, the ICT Risk Manager has the responsibility to identify the key technology risks and to influence business and technology stakeholders to make informed risk management decisions.
In this role you’ll be responsible for:
The ICT Risk Manager at Cboe will be responsible for the development and implementation of a dedicated ICT risk management framework in preparation for compliance with the Digital Operational Resilience Act (DORA). Key responsibilities include:
- Reviewing existing Cboe risk frameworks and activities for implementing an ICT Risk Management Framework and Digital Operational Resilience Strategy;
- Own the applicable 2LoD risk management activities under said framework
- Establishing appropriate ICT Risk Management governance, including reporting to various management bodies, boards, committees and regulators;
- Challenging and verifying first line of defence (1LoD) risk identification(s), conducting independent ICT risk assessments, and validating risk mitigation plans implemented by the businesses; and
- Conducting independent testing and challenge of the 1LoD control environment and providing oversight and reporting where required (as part of the wider ORM team).
The ideal candidate has:
- At least 6 - 8 years of experience in a Technology Risk, Information Security or an ICT Assessment and audit role;
- Good knowledge of ICT risks, IT Control, Information Security, Business Continuity, IT operations and IT Audit and assessment methodologies and concepts;
- Experience working with ICT risks, business continuity management, IT Infrastructure and operations, IT risk and IT audit teams;
- Demonstrated experience in providing complex technology risk assessment in a regulated sector (preferably financial services); and
- An ability to articulate risk management concepts using business language.
You’ll really stand out with:
- Bachelor degree in Information Technology, Information Security, Business or Risk Management (or equivalent professional qualification)
- Industry certifications (e.g. CISA, CRISK, COBIT)
- Experience implementing relevant frameworks (e.g. ISO27001)
- Experience with GRC tool migration / implementation – preferably using Onspring
Benefits and Perks
We value the total wellbeing of our people – including health, financial, personal and social wellness. We believe standard benefits like health insurance and fair pay are a given at any organization. Still, you should know we offer:
- Fair and competitive salary and incentive compensation packages with an upside for overachievement
- Comprehensive private medical insurance for employees and their families which includes dental cover (taxable benefit)
- Cboe pays for employee access to a private GP service (face to face or phone call consultations) to make it easy and convenient for you to see a doctor
- Life and long term illness insurance for stability and peace of mind
- EAP - This service intends to help employees deal with personal problems that might adversely impact their work performance, health and well-being. This service includes short- term counselling and referral services for employees and their immediate family.
- Enhanced paid parental and adoption leave to support parents
- Cboe offers pensions contribution up to 7% of base salary. You don’t have to contribute yourself.
- ClassPass Corporate Membership which provides access to on-demand classes, livestream classes, in-person classes and wellness sessions across different fitness genres. (taxable benefit)
- 25 days holiday per year per holiday year for full time employees, increasing with length of service at a rate of one extra day per completed years’ service, up to a maximum of 30 days.
- Flexible, hybrid work environment, where you choose where and how you work
- Discounted Employee Stock Purchase Plan
- Employee referral bonus program
- Complimentary lunch, snacks and drinks in any Cboe office
- Paid tuition assistance and education opportunities
- Generous charitable giving company match
- Volunteer opportunities to help you give back to your communities
More About Cboe Europe
We’re reimagining the future of the workplace by focusing on what matters most, our people. Our journey is an inclusive one. We’re investing deeply in leadership programs and career development initiatives that ensure everyone has an equal chance to succeed. We celebrate the diversity in our communities, inside and out, and welcome new perspectives with equity, inclusion and belonging.
We work with purpose, solving problems with ingenuity, collaboration, and a lot of passion. We’re an engaged and excited team connecting markets across borders and embracing growth in all its forms to achieve incredible outcomes.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our associates' differences, including race, religion, sex, sexual orientation, gender identity, national origin, age and disability
Any communication from Cboe regarding this position will only come from a Cboe recruiter who has a @cboe.com email or via LinkedIn Recruiter. Cboe does not use any other third party communication tools for recruiting purposes.