ICT & Security Risk and Control Specialist

VÚB Bank is the second largest bank in Slovakia and part of the Intesa Sanpaolo international group – one of the leading banking groups in Europe. First and foremost, we are a community of passionate people who believe in an environment where everyone has the space to grow and develop their potential. Our greatest value is our people. We build our corporate culture on respect, empathy and trust – thanks to which our employees feel appreciated and supported. As the first bank in Slovakia to receive the international TOP Employer title, we have set a new standard for the working environment. We offer flexible work arrangements – where the nature of the position allows, employees choose when to work from home and when from the office. We see technology as the key to the future – we constantly look for digital solutions that simplify work and move us forward. We support education – not only in the area of expertise but also in personal growth and development of human potential. We recognize the importance of mental health – which is why we offer comprehensive programs and benefits that help our colleagues maintain psychological well-being and balance. We do our best to create a healthy, modern and satisfying work environment. If you want to be part of us, definitely reach out.

Salary conditions: From €2,700/month. We offer a salary discussion starting at this amount. Final salary level depends on professional qualifications and experience.

Purpose and job description: Are you inquisitive, analytical by nature, familiar with IT and security environments and their processes? Do you need to understand things in depth? Join us! We are looking for a colleague to help us manage ICT and security risks by performing 2nd-line control activities.

Key responsibilities – 2nd-line control:

• Perform 2nd-line control activities, especially testing processes subject to ICT and security risks (e.g., configuration management, endpoint security, data classification and handling, vulnerability & patch management, cryptography & protection, incident response, and implementation processes in ICT and security)
• Evaluate performance and effectiveness of 1st-line control activities in ICT and security risk areas
• Assess effectiveness of remediation actions identified at all three control levels
• Participate as a risk management representative and 2nd-line controller in selected working groups and committees related to ICT and security risk (e.g., ARB, CMC, Idea Committee, or any committee making decisions impacting ICT risk levels)

Regular ICT & security risk assessment / KRI evaluation:

• Manage KRIs, perform regular evaluations, trend analyses, identify effectiveness and predict anomalies; report deviations and propose corrective actions with process owners
• Collaborate with 1st-line control on ICT and security risk self-assessment

Aligning regular ICT risk management processes:

• Manage logistics and materials for ICT RAT/ORC committees and other ICT risk governance meetings
• Prepare reports for regulators such as SREP JST, materials for the National Bank of Slovakia and parent bank ISP
• Coordinate and share information from control activities with 1st- and 3rd-line control units and contribute to defining ICT risk mitigation measures

Maintenance of ICT risk registers and archives:

• Keep all identified risks up to date
• Ensure data integrity in the ICT risk register with other entities (processes, threats, metadata)
• Synchronize VÚB ICT risk registers with group risk registers regularly
• Validate data quality controls over the ICT risk register and implement corrective measures
• Analyze reports and trends related to ICT risks
• Provide support, maintain awareness, and conduct training on ICT risk registers

What you can expect from us:

• Growing benefits as you grow with us; the longer you stay, the more advantages you gain
• Annual performance bonus, dependent on company and individual targets
• Employer-paid meal allowance without employee co-payment
• Up to 10 days of paid leave beyond statutory entitlement each year
• Up to €300 cafeteria credit in VÚB’s program, growing with years of service
• Up to €100/month contribution to supplementary pension savings (pillar III)
• Preferential access to VÚB bank products and services

Required experience:

• University degree in technical, mathematical-statistical or economic field
• At least 3 years of relevant experience (ICT process management, cyber security, ICT audit, data governance with risk focus, enterprise/ICT/security architecture)
• English language skills at B2 level (C1 advantageous)
• Italian language skills of any level (advantageous, not mandatory)

Required skills, qualifications and knowledge: Personal attributes:

• Independence in problem solving and communication across the bank
• Analytical and conceptual thinking with abstraction ability
• Assertive questioning
• Proactive and creative problem-solving approach
• Curiosity, willingness to learn and adapt quickly
• Active interest in new technologies

Professional knowledge and skills:

• ICT processes, SDLC processes, frameworks and standards such as NIST, COBIT, ITIL, TOGAF
• Risk management processes
• Advanced Microsoft applications, especially Excel (including VBA), PowerPoint, Word
• Basic practical experience with SQL and data analytics – working with large data sets

Selection process: If this description interests you and you want to become our new VÚB colleague, just click “Apply” and we will get back to you. Everything important about working at VÚB we will discuss in a personal or online meeting. We look forward to hearing from you!