let’s make something together

Give us a call or drop by anytime, we endeavour to answer all enquiries within 24 hours on business days.

Find us

PO Box 16122 Collins Street West
Victoria 8007 Australia

Email us


Phone support

Phone: + (066) 0760 0260
+ (057) 0760 0560

IT Risk and Control Manager

  • By Agnieszka Gabzdyl
  • 14 October 2021

• Previous experience on similar role
• Experience with IT

• Risk and Control Manager – The successful candidate will manage the risk at department level by closely working with the IT Service Owners, Asset Class Management, CCO Tech as well as business stakeholders.
• Strategic Planning – Create forward looking view of what the strategy should be with regard to Risk & Control.
• Relationship Management – Build and maintain relationships within Markets and Security Services and the Risk and Control Organization, to cultivate Cybersecurity awareness and development best practice.
• Risk Review – Actively participate in various risk related reviews including both internal and external audits. Build skills supporting risk assessment and prioritization of those initiatives which provide the best result for business.


• Manage IT risks & controls within IT Germany
• Assist in delivery of risk & control projects and programmes– including building of strong relationships with the IT teams in Germany and Poland
• Communicate risks through reporting, business governance processes and forums
• Assist service owners in responding appropriately and effectively to firm-wide risk, cyber and corporate control initiatives
• Partner with service owners and Asset Class RCOs to identify and assess controls, determine mitigating actions and remediation activities, and understand the overall risk profile
• Support IT engagement with internal / external / client audit and Regulatory Exams, including oversight of field work, collation of artefacts and partnership with CCO tech to remediate issues
• Advocate and support initiatives to improve accuracy across all Enterprise Golden Source data repositories
• Challenge where appropriate, decisions made on control implementation
• Advocate security policies and standards to the respective region
• Integrate into the development process, attending scrums and owning security use cases and stories
• Support initial risk assessment process and providing consultancy and guidance
• Contribute to review of security standards and procedures to work towards automation of reports
• Interpret and advise on the results from security testing to both technical and non-technical audiences


• Skilled risk-assessor – facing varied IT Operational risks the candidate is able to effectively manage priorities
• Excellent communicator – both to business and technical colleagues, through verbal and written mediums to managers and business governance forums
• Ability to build relationships by communicating, influencing and negotiating effectively with business heads, senior managers, third party consultants, technical experts across the whole department and business users.
• Strong customer focus with a drive to deliver standards of service to internal clients at least equivalent to external providers.
• Able to direct others without having authority or seniority over them
• Able to ensure accurate information maintenance at all levels despite rapid and frequent changes
• Understand how technology and process change adds value to the business and ultimately the end customer
• Ability to rapidly build and manage a strong network of relationships based on integrity and trust.
• Ability to influence and negotiate across all levels inside the company and with external third parties
• Strong skills in articulating messages to the business and enabling/ facilitating decision making
• Able to work with autonomy and be a self-starter

Note: Prepare your CV in English (PDF), fill in the form, and apply!

Please include in your CV the following clause necessary for the recruitment process:

“I agree to the processing of personal data that I have made available voluntarily in the recruitment process by the Administrator of personal data, i.e. Dotcommunity Spółka z ograniczoną odpowiedzialnością [Ltd.] based in Cracow, 15 Żabiniec Street, 31-215 Cracow, registered in Poland, the Cracow’s District Court – Śródmieście, XI Commercial Division of the National Court Register under number 0000468484, VAT number: 9452174499, (“Dotcommunity”) in order to carry out the recruitment process for the IT Risk and Control Manager position on the basis of Art.6 item 1a of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)”