- Company Name: KBC Bank & Verzekering
- Job Title: Risk Officer
- Job Description:
**Job Title:** Risk Officer
**Role Summary:**
The Risk Officer leads the assessment, monitoring, and mitigation of information security, cyber, and IT risks across the organization. This role ensures robust controls, measures maturity, and provides transparent reporting to senior leadership, enhancing the resilience of the business and safeguarding critical assets.
**Expectations:**
- Conduct independent risk investigations to validate control effectiveness.
- Serve as a proactive risk radar, observer, and facilitator within the risk management framework.
- Define, implement, and refine risk controls and best‑practice procedures.
- Develop metrics to gauge control maturity and report findings to key stakeholders.
- Translate risk insights into actionable recommendations for senior management and the risk community.
**Key Responsibilities:**
- Perform comprehensive risk assessments in information security, cyber, and IT domains.
- Design, select, and monitor controls and risk mitigation practices.
- Establish metrics and KPIs to assess control maturity and risk exposure.
- Produce clear, structured risk reports for Group Executive Committee, CRO, IT Risk Community, and other stakeholders.
- Facilitate risk discussions, workshops, and risk‑aware decision making.
- Oversee incident and crisis management processes, business continuity, and third‑party risk governance.
- Champion a culture of risk awareness and continuous improvement across the group.
**Required Skills:**
- Strong analytical and investigative skills in information security, cyber, and IT risk.
- Expertise in risk assessment frameworks, control design, and maturity models.
- Knowledge of incident response, crisis management, business continuity, third‑party, and cloud risk.
- Excellent written and verbal communication in English.
- Ability to act independently, facilitate cross‑functional collaboration, and influence senior leadership.
- Familiarity with risk‑management tools and reporting platforms.
**Required Education & Certifications:**
- Bachelor’s or Master’s degree in Information Technology, Cyber Security, Risk Management, or a related field.
- Professional certifications such as CISSP, CISM, or CISA are highly valued and considered an asset.