Senior IT Risk Specialist

Workplace: Kraków

Technologies we use
Operating system: Windows

Your responsibilities
- Serve as the SME for third-party reporting assurance, encompassing ISAE3402 and supporting ISAE3000 (Data privacy).
- Act as SPOC supporting the external auditors, internal audit, cybersecurity, and the IT owners.
- Work with cross-functional teams and the first line of defence to identify, assess, and support mitigation of IT risks across critical services, new products, and projects, ensuring alignment with internal policies.
- Provide second-line oversight through independent review and challenge of IT risk assessments, helping ensure compliance with frameworks, regulatory requirements, and industry standards.
- Respond to internal control inquiries, track remediation efforts to resolution, and support the design and effectiveness of IT controls supporting controls and compliance.
- Analyse information flows and business processes to identify potential IT and security risks, including those related to End-User Computing (EUC) applications.

Our requirements
- Familiarity with (preferably solid experience in) using relevant industry IT standards and frameworks such as IRAM2, COBIT, ITIL and ISO27001.
- Strong understanding of regulatory requirements and industry standards (e.g. EBA, DORA, GDPR, ISO 27001/27002, NIST, PSD2, ISO 22301, NIS2) related to IT risk management and cybersecurity.
- Self-driven, with a demonstrated ability to take full ownership of activities and responsibilities, ensuring tasks are completed efficiently and effectively, and proactively addressing any challenges that may arise.
- Strong interpersonal, communication and presentation skills necessary for interaction with business leaders and teams across all levels of the organization.
- Passionate about continuously acquiring knowledge, with a desire to grow.
- Foster a work environment that promotes respect, cultural awareness, and the development of skills to engage effectively with individuals from diverse backgrounds.
- Knowledge of both financial services industry and payment processing industry is a plus.
- Degree in Engineering, Computer Science, Information Systems, or a related field; advanced degree or relevant certifications (e.g., CISSP, CISM, CRISC, CISA) preferred.
- At least 10 years of work experience in IT risk management, cybersecurity, IT audit or related fields.
- Excellent command of spoken and written English.

This is how we organize our work
This is how we work: in house
Team members: cybersecurity specialist

What we offer
- Attractive salary and an overall competitive package
- Well-structured training for the job and constant support from your manager
- Hybrid way of working
- Flexible work hours
- Home equipment allowance
- Equipment needed for the role (laptop and mobile phone, including monthly mobile phone subscription)

Benefits
- sharing the costs of sports activities
- private medical care
- sharing the costs of foreign language classes
- sharing the costs of professional training & courses
- life insurance
- remote work opportunities
- flexible working time
- integration events
- retirement pension plan
- extra social benefits
- holiday funds
- employee referral program
- charity initiatives
- extra leave

Shape the Future of Payments with Nexi in 2025

Envision a world where every transaction feels effortless, safe, and connected. At Nexi, we’re leading this transformation, building tools and solutions that redefine how the world pays. By joining us, you’ll play a part in creating the next generation of digital payments in an innovative, supportive, and international environment.

About your future role

As an IT Risk Specialist, you will be part of a passionate IT Risk management & Resilience team within a larger Risk Management & Regulatory Compliance department in the second line of defence.
You will work in a collaborative and hands-on environment with a supportive atmosphere that emphasizes a good team dynamic and knowledge sharing. Being part of a larger group provides a network across Europe, offering opportunities to share knowledge and experience broadly. You will regularly interact with the Group IT Risk Management team and contribute to shaping the future of IT Risk management across the Group. The position is in Krakow, Poland and offers hybrid ways of working, enabling flexibility in working hours and working place.

Service HUB Poland

Discover Life at Nexi

We’re an international team of 10,000 people across 25 countries, united by shared ambition and a passion for innovation. Learn more about our culture, Values, and how we’re shaping the future of digital payments. Visit our Life at Nexi page.

Diversity and Inclusion at Nexi

We are proud to be an equal opportunity employer: together, we succeed by embracing our differences and creating a future where everyone can thrive.

Your Next Step Starts Here

If this opportunity excites you, we’d love to hear your story. Submit your application today, and let’s shape the future of digital payments together!

Thank you for all applications submitted. We will review every CV, but we reserve the right to respond only to selected applications. The document should contain the clause: "I consent to the processing of my personal data for the purposes necessary to carry out the recruitment process (in accordance with the Act of 29 August 1997 on the Protection of Personal Data; consolidated text: Journal of Laws of 2002, No. 101, item 926, as amended)."