Urban Connect

IT Risk & Compliance Officer for Cloud

Urban Connect  •  Bucharest, RO (Hybrid)  •  3 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Job Location: hybrid in Bucharest

Recruitment process:

  • HR screening
  • Technical Interview
  • Cultural discusion

This role requires close collaboration with platform owners and development teams to build a strong high-level understanding of risk, while also being able to zoom in and out of the details to ensure a clear understanding of the solution design and to design effective controls.

Job Responsibilities:

  • Provide cybersecurity, IT risk, and regulatory compliance advice to platform owners, development teams, and business functions, in line with internal policies and standards such as NIST, SOX, PCI-DSS, and other relevant best practices, to support secure and compliant cloud adoption.
  • Bridge the gap between technical and audit teams by working with platform and development teams to translate complex technology or application stacks into risk-based language for Internal and External Audits.
  • Perform IT risk assessments for new platforms and significant platform changes, using the organization's risk and control framework, to identify key risks, assess control effectiveness, and recommend appropriate remediation actions.
  • Advise stakeholders on the design of sustainable, proportionate, and scalable controls, including cloud control requirements for identity and access management, logging, encryption, network security, and configuration governance, to strengthen risk management and compliance.
  • Develop and enhance cloud guardrails, standards, and control requirements, in line with internal governance and regulatory expectations, to support secure onboarding and consistent use of cloud services across platforms.
  • Drive continuous improvement and harmonization of cloud controls across platforms, following internal control standards and compliance requirements, to simplify compliance and improve control consistency.
  • Coordinate with Security, Risk and Controls, Internal Audit, External Audit, Business Continuity, IT Disaster Recovery, and Service Continuity teams, and support audit evidence requests as needed, to ensure effective risk oversight and timely audit support.

Required qualifications:

  • Preferred: 5+ years of experience gained within IT risk, compliance, internal controls or audit within a highly regulated industry.
  • Minimum: 3 years of experience gained within IT risk, compliance, internal controls or audit within a highly regulated industry.

Technical skills:

  • Strong expertise in business analysis, auditing, corporate governance, risk management or internal controls.
  • Ability to assess risks, evaluate controls, and provide practical, proportionate recommendations to both technical and non-technical stakeholders.
  • Basic technical understanding of internal control requirements and design and experience in applying them in various businesses.
  • Ability to translate complex technology and application stacks into risk-based language for Internal and External Audits.
  • Good technical expertise in Cloud Security and Compliance (AWS – strongly preferred, GCP, Azure, etc.) and DevOps domain.
  • Knowledge of cloud risk and control domains, including identity and access management, logging and monitoring, encryption, network security, and configuration governance.
  • Familiarity/experience working with a wide range of technologies (internally developed applications, Windows, Linux, Databases, Gitlab, etc.) from a risk and security perspective.

Soft skills:

  • Strong stakeholder management and communication skills, with the ability to collaborate effectively across technology, risk, audit, and business teams.
  • Ability to build solid relationships with business partners to drive the adoption of the risk management culture.
  • Ability to break down complex tasks into logical, manageable, and well-defined actions, ensuring effective execution and timely delivery.
  • Ability to adapt quickly to change and demonstrate flexibility and agility in response to evolving business priorities, stakeholder expectations, and the client's regulatory or operating environment.
  • Proven ability to work autonomously while remaining a collaborative and effective team player.

Desired qualifications (Nice to have):

  • Cloud certifications are an advantage for this position. Relevant certifications include AWS certifications, ISC2 certifications such as CCSP, and the Certificate of Cloud Security Knowledge (CCSK) issued by CSA.

Work conditions:

Working hours: 9:00-18:00
Working setup (hybrid, on site, remote): hybrid way of working with an onsite presence of 2 days/week.

Urban Connect

About Urban Connect

Urban Connect started with the vision to help companies and job seekers find a perfect match. Our team is passionate about growing and leading your business towards success. We are thorough in our searches, provide open feedback and value long-term relationships with both our clients and candidates. This is how we manage to continuously grow our network and provide a meaningful professional experience.

Industry
HR & Recruiting
Company Size
1-10 employees
Headquarters
Timisoara, RO
Year Founded
2017
Social Media