Risk Analyst Lisboa

Risk Analyst
Lisboa
Lisboa, Lisboa, Portugal

Decskill was founded in 2014 as an IT Consulting Company and their main mission is to deliver value through knowledge.

We enable companies to meet the challenges of the digital world by providing our clients with business models that ensure technological capacity, flexibility, and agility.

We are more than 500 consultants with offices in Lisbon, Porto, and Madrid.

DECSKILL operates in 3 main areas: DECSKILL TALENT, through which we provide our clients with an extension to their IT teams; DECSKILL BOOST, through which we provide our clients with software development models to increase capacity and optimize Time-to-Market, where we create and manage teams that deliver according to their needs, at the desired speed; DECSKILL CONNECT, through which we provide our clients with consulting services, as well as the implementation and management of information technology infrastructures.

Our practice results in the creation of value for our customers, either by delivering qualified and
- added services, or through highly qualified and motivated professionals, as well as technology solutions that allow us to operate and transform the business of our customers.

We are looking for a Risk Analyst!

Responsibilities:

1. Contribute to the deployment of the CDF Xshore program in Portugal, India, and Poland.
2. Manage CDF initiatives (i. e.
   - projects) from ideation up to Go live as per defined Third-Party Risk Management process, governance, and methodology.
3. Provide operational support to CDF teams in their implementation of the extended team in Portugal, India, and Poland, organizing change management for onshore teams.
4. Elaborate the contract (SLA, billing process) between CDF Department and each location concerned, and supervise the contracting.
5. Contribute to the creation of Mutualized "Cybersecurity services" within BNPP from ideation up to Go live as per defined Third-Party Risk Management process, governance, and methodology.
6. Work with internal Functions' SMEs (Tax, Legal, Compliance, Data, etc. ) to identify the main risks.
7. Mitigate the risks by defining, following, and executing actions to meet SMEs conditions (as defined in the corresponding risk assessment).
8. Contribute to the reporting required at CDF level (monthly steering committee) and by IT Group Central Sourcing teams (project card, risks…).

1. General knowledge on IT topics and/or IT Risk and Cyber Security.
2. Risk Knowledge & outsourcing awareness.
3. Ability to understand defined Governance and Methodology, to elaborate transversal processes.
4. Ability to lead a meeting, seminar, or committee.
5. Ability to establish and activate networks.
6. Ability to negotiate (proficient).
7. Ability to set up criteria to define and analyze risk levels.
8. Knowledge of data protection regulatory landscape, internal policies, and standards.
9. Knowledge of major frameworks, issues, and developments regarding Law and Regulation.
10. Tools – Technologies.
11. Experience level: At least 5 years, experienced profile is expected.
12. Risk assessment: awareness of ISO 27001/27005/Ebios RM or any other risk management framework.
13. Any certification or relevant experience related to Third Party Risk Management or Outsourcing is strongly recommended.
14. Ability to Synthesize/Simplify.
15. Communication Skills - Oral & Written.
16. Proactive, act as a critical thinker.
17. Ability to explain and manage the Change.
18. Critical Thinking.
19. English (Mandatory).