Responsibilities
* Deliver, operate, and continuously improve IT and Cyber GRC services, processes, and tools
* Design, maintain, and optimize IT and Cyber GRC processes within the Group GRC framework
* Ensure alignment of IT and Cyber GRC activities with regulatory requirements and industry best practices
* Manage GRC tools operations, monitor performance, handle incidents, and ensure timely escalation
* Translate Group and local regulatory requirements into pragmatic and effective GRC solutions
* Support IT and business units in implementing Governance, Risk, and Compliance controls
* Lead and manage GRC evolutions from requirement analysis through production deployment
* Collaborate with stakeholders to clarify expectations, resolve blocking points, and drive user adoption
* Design and deliver dashboards, reporting, documentation, and user training
* Organize and facilitate agile ceremonies to ensure transparency and alignment
Mandatory Skills
Technical & GRC Skills
* Strong IT background with solid understanding of corporate IT environments
* Proven experience in IT and Cyber GRC, including cyber risk, compliance, and control frameworks
* Hands-on experience with a GRC suite/tool
* Strong knowledge of cloud environments (SaaS, AWS, Microsoft 365, HSP)
* Knowledge of secure software development practices, network and OS security, PAM, and containerization
Business & Regulatory Knowledge
* Expertise in information security and risk management frameworks (ISO 27001, NIST, SOC, OWASP)
* Strong understanding of regulatory requirements and standards (GDPR, DORA, PSD2, EBA guidelines, PCI-DSS)
* Knowledge of control frameworks and audit methodologies
* Experience in financial services or large corporate environments
Professional & Language Skills
* 5+ years of relevant professional experience in IT and Cyber GRC
* Fluent in English and French (spoken and written)
* Strong analytical, problem-solving, and stakeholder management skills
* Excellent communication skills with a consulting mindset