Nexi Group

Senior IT Risk Specialist

full-time

Location Type: Hybrid

Location: Krakow, Poland

About the role

  • Work with cross-functional teams and the first line of defence to identify, assess, and support mitigation of IT risks across critical services, new products, and projects, ensuring alignment with internal policies.
  • Provide second-line oversight through independent review and challenge of IT risk assessments, helping ensure compliance with frameworks, regulatory requirements, and industry standards.
  • Respond to internal control inquiries, track remediation efforts to resolution, and support the design and effectiveness of IT controls and compliance.
  • Conduct IT Project Risk Assessments (ITPRA) for strategic, high‑criticality, or complex projects, covering scenario definition, risk identification, impact assessment, and evaluation of project risk exposure.
  • Recommend mitigation actions for unacceptable risks based on the methodology's risk acceptance criteria.
  • Participate in ongoing risk monitoring meetings, ensuring continuous assessment of emerging risks, evolving complexities, and project dependencies throughout project execution.
  • Prepare and maintain risk reports using the standard templates (e.g., risk scenarios, heatmaps, risk registers).

Requirements

  • Familiarity with (preferably solid experience of) relevant industry IT standards and frameworks such as IRAM2, COBIT, ITIL and ISO 27001.
  • Strong understanding of regulatory requirements and industry standards (e.g. EBA, DORA, GDPR, ISO 27001/27002, NIST, PSD2, ISO 22301, NIS2) related to IT risk management and cybersecurity.
  • Self-driven, with a demonstrated ability to take full ownership of activities and responsibilities, ensuring tasks are completed efficiently and effectively, and proactively addressing any challenges that may arise.
  • Strong interpersonal, communication and presentation skills necessary for interaction with business leaders and teams across all levels of the organization.
  • Passionate about continuously acquiring knowledge and desire to grow.
  • Foster a work environment that promotes respect, cultural awareness, and the development of skills to engage effectively with individuals from diverse backgrounds.
  • Knowledge of both the financial services industry and the payment processing industry is a plus.
  • Emerging Technologies: Curiosity and experience in designing or applying emerging technologies, such as AI agents and automation solutions, to improve IT risk processes and insights is considered an advantage.
  • Degree in Engineering, Computer Science, Information Systems, or a related field; advanced degree or relevant certifications (e.g., CISSP, CISM, CRISC, CISA, PRINCE2, PMP) preferred.
  • At least 10 years of work experience in IT risk management, cybersecurity, IT audit or related fields.
  • Excellent command of spoken and written English.

Benefits

  • Attractive salary and an overall competitive package
  • Well-structured training for the job and constant support from your manager
  • Hybrid way of working
  • Home equipment allowance
  • Equipment needed for the role (laptop and mobile phone, including monthly mobile phone subscription)