In a nutshell

As an IT Risk Controller you play a crucial role in identifying, assessing, and managing the various risks of information technology. You will work as a global IT Risk Controller at IPF Digital AS, Estonia. You will report directly to IT Director of IPF Digital.

Your daily tasks:

• Identify IT risks, including cybersecurity threats, data breaches, system vulnerabilities, third-party vendors within the organization. Conduct risk assessments to evaluate the potential impact and likelihood of identified risks.
• Develop strategies to mitigate, transfer, avoid, or accept risks, ensuring alignment with our risk appetite and regulatory requirements.
• Create and update IT risk policies, procedures, and controls.
• Ensure compliance with relevant laws, regulations, and industry standards identifying opportunities for improvement and innovation in risk controls.
• Interpret regulatory guidelines and assess organizational compliance gaps, implementing measures to address non-compliance issues proactively.
• Lead the response to IT incidents, including investigation, reporting, and resolution, minimizing the impact on the organization.
• Develop and deliver training programs to enhance the risk awareness and compliance.
• Provide regular reports on the status of IT risks, control effectiveness, and mitigation efforts to EMI Management Board and senior management.
• Foster a culture of risk awareness and accountability across the organization through training, education, and awareness programs.
• Collaborate with relevant stakeholders to develop and maintain disaster recovery and business continuity plans to ensure the resilience and availability of critical IT systems and services.

So, what skills, knowledge and experience do you have?

Skills

• Excellent analytical, problem-solving, and decision-making abilities.
• Strong communication and interpersonal skills for effective stakeholder engagement.
• Ability to manage and prioritize multiple tasks and projects effectively.
• Very good English skills 

Knowledge

• Strong understanding of IT systems, networks, and security technologies.
• Knowledge of risk assessment methodologies and regulatory compliance, especially EMI and financial regulations.

Experience

• Proven experience in IT risk management, cybersecurity, or a related field in a global organization.
• Experience in developing and implementing risk management policies, procedures, and controls.
• Familiarity with some of the industry standards such as ISO 27001, NIST frameworks, and GDPR is a plus

Qualifications

• Bachelor's / Master's degree in Information Technology, Cybersecurity, Risk Management, or a related field.

• Relevant professional certifications are a plus, such as CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional)

You...
will love working at IPF Digital if you enjoy a truly international
work environment and being part of an international HUB team. You like
to be trusted to take responsibility for your tasks; you value friendly
and open work culture and appreciate good teamwork.

We look after...
our people by providing all-you-can-eat fresh fruit daily, lunches at
the expense of the company, and company parking where you can book a
parking place. We support an active and healthy lifestyles and have fun
team events both in the office and after work. Our employees' well-being
and happiness are one of our top priorities.

Heres how our team describes our culture:
The culture at IPFD is driven by our shared values. People are put first, we accept differences and encourage individuality. Due to our flat business structure, we enjoy collaborating together. Although recognition is highly valued, failure is accepted...as long as its fast. Enjoying some good times together is also highly encouraged!

Sounds good? We all think so at IPF Digital.