IT Risk and Control Officer
We provide a fast-growing working environment, where continuous learning is key for your and Booking.com’s development and growth. You will collaborate with other professionals that are experienced in Risk & Controls, IT Security, Internal Audit, software development, product and other fields, who will help you to learn, grow and provide you the opportunities to excel.
B. responsible
- Serve as a second line of defense point of contact, supporting product, process and control owners throughout the risk management cycle identifying, assessing, managing, monitoring, and reporting risks.
- Lead risk assessment activities for existing and new products, systems and processes, facilitating discussions between the business owners and subject matter experts across Security, Privacy, Legal and other areas.
- Provide guidance and support to the business in designing and implementing appropriate controls to mitigate company risks and support Booking.com to ensure compliance with Booking.com’s ITGC framework, SOx, GDPR and other regulatory requirements and control frameworks.
- Collaborate with internal and/or external audit, coordinating and supporting the business in preparing for audits, remediating and mitigating deficiencies.
- Build strong relationships with business leadership, internal audit, external audit, Booking Holdings and external partners, driving successful outcomes in risk management activities and maturing the risk governance across the organization.
- Support ongoing maintenance and continuous improvement of the Booking.com risk management framework, governance, tooling and processes.
- Collaborate & actively participate within the Risk & Controls team to continuously improve the team's processes, capabilities and governance.
- The ideal candidate will have a strong background in IT Risk Management, IT Frameworks, Governance and Controls, combined with an understanding of technology-based product development / DevOps processes
- Must-haves:
- 5+ years of experience gained within risk, internal controls or audit
- Strong experience with designing and/or testing IT General Controls and automated process controls
- Understanding of and experience with risk management relevant fields, including SOx, COSO, NIST
- Strong project management skills
- Strong stakeholder engagement skills (control/process owners, audit)
- Able to make decisions, assess and resolve problems effectively
- Able to work independently & autonomously, while still being a strong team player
- Enthusiastic, self-starting and enjoys change
- Fully comfortable working in English, both written and spoken
- Preferential:
- Experience designing and/or testing controls around in-house built software
- Experience in technology-based product development / DevOps processes\
- Experience in large e-commerce or tech companies
Pre-Employment Screening
If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.
