IT Risk Manager

• Responsible for the process quality (traceability and completeness) and the continuous improvement Ensure process quality, including traceability, completeness, and continuous improvement
• Provide expert advisory on IT risk management processes and methodologies
• Advisory function regarding the process and methodology
• Responsible for steering the IT governance pillars and the risk management functions in the business units Oversee IT governance pillars and risk management functions within business units
• Responsible for managing FG risk reduction target Manage FG IT risk reduction targets and ensure compliance
• Network partner for BMW Group risk management (incl. reporting, audits) Act as a key liaison for BMW Group risk management, including reporting, audits, and governance oversight
• Support products and domains with the documentation of IT risks in eGRC
• Provide Methodical support in the quantitative evaluation of IT risks
• Ensure the accuracy, completeness, and consistency of IT risks reported in eGRC
• Completeness and correctness of the recorded data
• Plausibility and traceability of the risk assessment and the documented risk mitigating measures
• Escalate issues in case of non-compliance with processes or missed deadlines
• Responsible for creating standardized reports (IT central, business units, regulated areas e.g. SF/AL)
• Responsible for forecasting the target achievement for IT risk reduction in the FG (Financial groups) main department
• Escalation in case of non-adherence to the process deadlines

• University Degree in Cybersecurity, Risk Management, Finance, Business Administration or a related field
• Minimum 5-7 years of experience in IT risk management, IT governance, or a similar role
• Strong knowledge of cybersecurity and risk management frameworks
• Ability to analyze and assess risks with strong problem-solving and decision-making skills
• Strong communication skills in collaboration with IT teams, executives and stakeholders
• Ability to inspire and motivate teams to achieve risk management goals
• Capacity to manage IT risk initiatives and security improvements projects
• Strategic thinking in aligning IT risk management with business goals
• Knowledge and understanding of emerging cyber threats and vulnerabilities
• Familiarity with compliance standards (e.g., ISO 27001, NIST, COBIT, GDPR, PCI-DSS)
• Ability to develop and implement policies, controls, and procedures to reduce IT risks.
• CISSP, CISM, CRISC, CISA, ISO27001, CompTia Security certifications are highly desirable
• Excellent English verbal and written skills
• German communication skills will be a plus

• Challenging projects with which we are shaping the mobility of tomorrow
• Great team spirit within an international team
• State-of-the-art global IT landscape and processes
• 100% implementation of the Agile Working Model methodology
• Wide range of personal & professional development opportunities
• High level of job security
• Work-Life-Balance and flexible working hours
• Attractive and performance-related remuneration
• Dynamic and highly-motivating work environment

• Challenging projects with which we are shaping the mobility of tomorrow
• Great team spirit within an international team
• State-of-the-art global IT landscape and processes
• 100% implementation of the Agile Working Model methodology
• Wide range of personal & professional development opportunities
• High level of job security
• Work-Life-Balance and flexible working hours
• Attractive and performance-related remuneration
• Dynamic and highly-motivating work environment

NTT Data