Skip to main content
100 years and 69 days since the five-day weekRead the story

ICT and Security Risk Management Specialist

4 x 9hr days€1,600/moHybrid · Bratislava, Slovakia

VÚB banka is the second largest bank in Slovakia and part of the international Intesa Sanpaolo group – one of Europe's leading banking groups. First and foremost, we are a community of passionate people who believe in an environment where everyone has space to grow and develop their potential. Our greatest value is our people. We build our corporate culture on respect, empathy, and trust – which is why our employees feel valued and supported. As the first bank in Slovakia to receive the international TOP Employer title, we have set a new standard for the work environment. We offer flexible working arrangements – where the nature of the position allows, employees choose for themselves when they work from home and when from the office. We see technology as the key to the future – we constantly seek digital solutions that simplify work and move us forward. We support education – not only in professional expertise, but also in personal growth and human potential development. We understand the importance of mental health – that is why we offer comprehensive programs and benefits that help our colleagues maintain psychological well-being and balance. We do our best to create a healthy, modern, and satisfied work environment. If you want to be part of us, definitely get in touch.

Salary conditions

from €2,700/month

We offer salary discussion starting at this amount. The final salary level depends on professional qualifications and experience.

Purpose and job description

What we expect from you

Are you thoughtful, do you like to analyze things, do you move in the IT and Security environment, do you understand its processes? Do you need to understand things in depth? Join us!

We are looking for a colleague who will work with us on managing ICT and Security risks in the area of second-level control performance.

What specifically would be your task?

Area – 2nd level control

  • Perform second-level control activities, especially through process controls that are subject to ICT and Security risks (e.g., Configuration management, Endpoint security, Data classification and handling, Vulnerability & Patch Management, Cryptographic & protection, Incidents response, as well as implementation processes in the ICT and Security area);
  • Evaluate the performance and effectiveness of first-level control activities in the area of ICT and Security risks;
  • Evaluate the effectiveness of remediation of deficiencies identified at all three levels of controls;
  • Participate as a representative of risk management and second-level controller in selected working groups and committees that are subject to ICT and Security risks (currently, for example, ARB, CMC, Idea committee, but in general any committee where decisions are made on activities with so-called significant impact on the level of ICT risk).

Area - Regular ICT and Security risk assessment / risk indicator assessment KRI

  • Management of KRI, consisting of regular evaluation. Performing trend analyses over KRI and their control areas. Identifying their effectiveness with prediction of anomalous states. In case of deviations, identify causes with subsequent reporting and proposal of corrective measures together with owners of affected areas;
  • Cooperate with the first level of control on the management and implementation of ICT and Security risk Self assessment.

Area – Alignment of regular ICT risk management processes

  • Management of logistics and materials for ICT RAT/ORC committees and other committees related to ICT risk management;
  • Preparation of reports for regulators such as SREP JST, materials for NBS and parent bank ISP;
  • Coordinate and share information from control activities with departments and employees performing control activities at the 1st and 3rd level of controls and participate in setting measures to mitigate ICT risk.

Area – Maintenance of archives and registers related to ICT risks

  • Maintain all identified risks in current state;
  • Ensure data integrity in the ICT risk register with other entities such as processes, threats, or other metadata;
  • Ensure regular synchronization of VÚB ICT risk registers against others such as the group risk register;
  • Validation of DQ controls over the ICT risk register and setting corrective measures;
  • Analysis of reports and trend analysis of ICT risks;
  • Provide support, maintain awareness, and conduct training in the area of ICT risk registers.

What you can expect from us

  • As an employee, you receive benefits that will grow as you grow with us. The longer you work with us, the more benefits you get!
  • Reward for performance. Once a year you receive a bonus, the amount of which depends on the fulfillment of company and your individual goals.
  • Meal allowance fully covered by the employer without employee co-payment.
  • Up to 10 days of paid leave beyond the legal requirement each year.
  • Credit in VÚB Cafeteria up to €300, which grows with the number of years worked.
  • Up to €100 per month as a contribution to supplementary pension savings (3rd pillar).
  • Discounted VÚB bank products and services.

Want to discover all the fantastic benefits that VÚBka offers its employees? Check out our careers page and explore the wide range of our benefits!

Required experience

  • University education in technical, mathematical-statistical, or economic field;
  • Minimum 3 years of experience in a related field (ICT process management, Cyber security, ICT audit, data management with focus on risk management, Enterprise, ICT or Security architect);
  • Knowledge of English language at intermediate level B2 (C1 advantageous);
  • Italian language – any level advantageous (not required).

Required skills, qualifications, and knowledge

Personal prerequisites

  • Independence in problem-solving and communication with colleagues across the bank;
  • Analytical and conceptual thinking with ability to abstract;
  • Ability to ask questions assertively;
  • Proactive and creative approach to problem-solving;
  • Curiosity, willingness to learn, and ability to adapt quickly;
  • Active interest in new technologies.

Skills and knowledge

  • ICT processes, SDLC processes, frameworks and standards such as NIST, COBIT, ITIL, TOGAF;
  • Knowledge of risk management processes;
  • Advanced level of work with Microsoft applications, especially: Excel (including VBA experience), Powerpoint, Word;
  • Basic practical experience with SQL, data analytics – working with big data.

Information about the selection process

If this description interested you and you want to become our new VÚBkár, just click on "Respond to offer" and we will get in touch with you. We will tell you everything important about working at VÚB at a personal/online meeting.

We look forward to you!

If this description interested you, send us your CV and we will get in touch with you. We will tell you everything important about working at VÚB at an online/personal meeting. We look forward to you!