Context
Degroof Petercam Bank is seeking an IT Risk Manager to join its independent risk control department, which oversees all commercial and operational activities across the organization. As part of the second line of defense, you will establish, maintain, and supervise the Bank's IT and cyber risk framework while challenging and supporting the IT department and operational units.
Your role ensures that management and the Board receive a comprehensive and objective view of the Bank's operational and IT risks.
Your position
Responsibilities
Reporting to the Chief Risk Officer (CRO) of Degroof Petercam Bank and functionally to the Group IT Risk Lead at Indosuez (MRSI Federal) your main tasks and responsibilities will be:
* Ensure the proper implementation of the Operational Risk framework by the First Line of Defense.
* Design, publish, and maintain IT risk and information security policies.
* Monitor compliance with information security policies and applicable regulations.
* Perform technological and regulatory watch in IT and cyber security.
* Support staff training and awareness initiatives related to IT risk and procedures.
* Supervise and challenge the documentation, analysis, and root causes of IT and security incidents, including major incident reporting under DORA.
* Challenge and validate IT risk assessments (RCSA) and project risk analyses.
* Follow up on action plans related to identified risks or major incidents.
* Design and implement Second Line of Defense controls.
* Ensure alignment between IT risk activities and Business Continuity Management (BCP/DRP).
* Maintain strong, constructive relationships with operational units.
* Implementation and monitoring of IT Risk KRIs aligned with the Bank's risk appetite.
* Contribution to regulatory reporting (e.g., ICAAP, ICER).
* Regular reporting to dedicated committees on IT incidents, cyber security posture, and second line tests.
* Completion of all RCSAs and control testing plans on schedule.
* Validation of project risk assessments before go‑live.
* Tracking and challenging root‑cause analyses of major incidents.
* Monitoring and challenging remediation plans within agreed deadlines.
* Supervision of compliance with regulatory obligations (e.g., Swift CSCF, NBB IT risk self-assessment), and timely implementation of audit recommendations (internal, external, regulatory).
Your profile
* Strong knowledge of financial instruments, banking activities, processes, and European regulations.
* Network Security, ITGCs, Encryption, Cloud Security, AI
* Proactivity, communication, independence, assertiveness
* Strong analytical and synthesis capabilities.
* Broad multidisciplinary understanding of IT and security topics.
* Proficient in MS Office (Excel, Access, PowerPoint).
* Fluent in French, Dutch, and English.
* Excellent communication skills adapted to different audiences.
* Strong problem‑solving, organizational, and responsiveness capabilities.
* Ability to promote IT and cyber risk awareness across the organization.
* Team‑oriented mindset with capacity to work collaboratively.
* High initiative and results-driven approach.
* Master's degree in Computer Science or equivalent experience.
* Relevant certifications required: CISSP, CISA, CISM, CRISC, ISO 27001 Lead Auditor, PCI‑DSS QSA, etc.
* 5–10 years of proven experience in IT/cyber security or information risk management.
* Comfortable handling complex, cross-functional issues.
* Designs and implements solutions while considering broader business impacts.
* Learns and adapts quickly to new concepts, processes, and organizational changes.
* Works autonomously and consults with leadership on major-impact matters, providing legally compliant, pragmatic solutions.
* Regular interaction with stakeholders at all levels, including the Executive Committee, NBB, and external auditors.
* Provides expert technical advice and builds trust-based relationships.
* Adapts communication style to diverse audiences with diplomacy and clarity.
* Acts as a recognized expert in IT Risk Management.
* Coaches and supports staff to strengthen IT and security risk awareness across the organization.
Our offer
For more than 150 years, Degroof Petercam has been a reference investment house. Entrepreneurship is our DNA, expertise is our fuel. You will become part of a company with highly skilled, talented and passionate experts that aim for nothing less than excellence. The impact of our work goes beyond profit by looking at business from a broader perspective, challenging those who want to intellectually. As a part of Indosuez Wealth Management and Crédit Agricole, we offer our people ongoing learning and development and mobility on an international scale.
In addition to our fascinating work environment, we also offer:
* A broad offer of learning & development programs including a Degroof Petercam Academy for both professional and personal goals.
* An attractive and market conform compensation package
* Flexible working hours & teleworking
* An Employee Social Engagement Program
* Access to the same Private Banking Expertise as our clients