Job Description

About the job
About Revolut People deserve more from their money. More visibility, more control, more freedom. And since 2015, Revolut has been on a mission to deliver just that. With an arsenal of awesome products that span spending, saving, travel, transfers, investing, exchanging and more, our super app has helped 25 million customers get more from their money. And we're not done yet.

As we continue our lightning-fast growth, we believe that two things are essential to continuing our success: our people and our culture. So far, we have 5000 people working around the world, from our great offices or remotely, on our mission. And we're looking for more. We want brilliant people that love building great products, love redefining success, and love turning the complexity of a chaotic world into the simplicity of a beautiful solution.

About the role Our Technology team isn't just one of the best in the industry, it's one of the best in the world. And we're proud of it. It's our driving force; our engine From building a new banking backend to creating an award-winning app, there's nothing (and we mean nothing) our tech team can't do.

Our Technology team isn't here to fix legacy systems - it's here to build world-class financial products from the ground up. Products that will be used by millions of people around the world (18 million people, not that we're counting)

We're building one of the best Information Security teams to make Revolut the safest place to keep your money - and that's where you come in. We need a highly experienced and detail-oriented Technology Risk Officer to support risk management across Technology and Product departments Someone with solid knowledge about technical risk and an absolute love for security technologies

Up for the challenge? Get in touch

What you'll be doing

Working across the Technology and Product teams to analyse and better understand their risk profile, actively support them in managing and reducing risk, design, implement and test controls
Performing risk and control assessments and deep dives within various product and technology teams to come up with actionable insights
Proactively managing risks to reduce/limit major incidents, breaches or examples of non-compliance in technology risk
Establishing and running risk committees and working groups to improve the risk posture of the organisation
Delivering technology risk insights for the Board & Executive Committees, including data-driven risk reports, and development of strong monitoring metrics (KRIs,BCIs)
Regularly engaging with internal and external stakeholders on the group's IT risk posture
Driving effective implementation and communication of operational risk management policies and guidelines.
Providing IT risk management consulting to the business, technical & operations groups
Identifying and assessing the impact of technology risk on projects and develop mitigation strategies

What you'll need

2 to 5 years of experience in similar role
Knowledge about IT infrastructure (Cloud), operations, software, hardware, tooling, data flows, change control, BC/DR and the impact of these on an organisation's risk posture, security policies, and operational resilience arrangements
Knowledge of products, services and tooling related to technology product delivery with Agile and kanban methodology
Ability to apply knowledge to contribute to the risk discussions related to these products, tools and processes
Understanding of the hierarchy of technology, operations and security policies and standards, policy compliance and oversight processes
Ability to adapt messages based on the audience and expectations while interacting with 1LOD and other stakeholders
Ability to define risk appetite, risk impact and identify risk likelihood; apply risk assessment and management processes; measure risks against firms risk appetite at a detailed level across the risk reporting categories and their supporting risk areas
Experience in the RCSA process, tools and frameworks, ability to provide support to 1LOD in performing the control testing

Nice to have

Data and SQL skills
Knowledge and experience of industry and regulatory standards related to Technology and Security (SOX / SOC2 / ISO / COBIT / ITIL, etc.)

Building a global financial super app isn't enough. Our Revoluters are a priority, and that's why in 2021 we launched our inaugural D&I Framework, designed to help us thrive and grow everyday. We're not just doing this because it's the right thing to do. We're doing it because we know that seeking out diverse talent and creating an inclusive workplace is the way to create exceptional, innovative products and services for our customers. That's why we encourage applications from people with diverse backgrounds and experiences to join this multicultural, hard-working team.

By applying for the above position, you will confirm that you have reviewed and agreed to our Data Privacy Notice for Candidates.

Quick response

Required Knowledge

• K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
• K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• K0004   Knowledge of cybersecurity and privacy principles.
• K0005   Knowledge of cyber threats an`d vulnerabilities.
• K0147   Knowledge of emerging security issues, risks, and vulnerabilities.
• K0296   Knowledge of capabilities, applications, and potential vulnerabilities of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.
• K0314   Knowledge of industry technologies’ potential cybersecurity vulnerabilities.

Required Skills

Required Abilities

• A0094  Ability to interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives.
• A0118  Ability to understand technology, management, and leadership issues related to organization processes and problem solving.