More information

• Key Accountabilities
  • Oversees the work of the Risk & Control team to ensure efficient and effective performance.
  • Collaborates with senior management to define the risk/compliance requirements.
  • Records, reviews, communicates, and implements framework policies, methodologies, standards, procedures, and controls with a view to the proper implementation of the framework and the proper protection of the information assets and systems of the Organization, in line and as appropriate with the requirements defined by best practices and where applicable as defined by the Group control functions.
  • Applies the methodology and participates in the performance of Information Security and Cloud Risk Assessments and defines action plans to mitigate the risks identified.
  • Applies the methodology and participates in the conduct of Outsourcing Security Risk Assessments and defines action plans to mitigate the risks identified.
  • Applies the methodology and participates in the conduct of Data Privacy Risk Assessments and defines action plans to mitigate the risks identified.
  • Evaluates the materiality of systems and processes considering the information they manage/process, to take informed decisions when assessing security risks and prioritize the resources for implementing the action plans.
  • Monitors the progress of implementation of the actions specified in the risk mitigation action plans, supports their resolution to eliminate weaknesses on the Organization’s systems, evaluates their successful completion, and performs related risk acceptance activities.
  • Acts as a liaison with the Group control functions to facilitate their involvement and achieve the completion of the required activities in terms of Risk Assessment and Risk Management.
  • Conducts controls maturity assessments, analyzes the results, reflects the maturity level, and defines action plans to mitigate key risks, to ensure compliance with the various Risk Management Frameworks.
  • Develops reports, presentations, and material for reporting to various Committees at an Executive level.
• Academic / Professional Qualifications
  • Bachelor’s or Master’s degree in Risk Management, Information Security, Law or a related field.
  • Professional certifications (e.g. CRISC, CISM, CISSP, ISO 27001, GDPR/DPO) will be considered as an advantage.
• Experience and Skills
  • Minimum 7 years of relevant experience (e.g. Governance, Operational Risk, Information Security, Compliance, Data Privacy etc).
  • Strong knowledge of risk and control frameworks, data privacy, and cloud security principles.
  • Experience in leading teams and managing people.
  • Experience in senior stakeholders’ engagement.
  • Excellent analytical and reporting skills
  • Excellent interpersonal and communication skills.
  • Ability to work across functions.
  • Ability to deliver multiple projects under pressure.
  • Ability to take initiative and make decisions.
  • Excellent written and verbal communication in both Greek & English.
• Key Benefits
  • Competitive salary
  • Private health care
  • Pension fund
  • Hybrid working model
  • Work with latest technologies
  • Agile work environment
  • Bi-weekly sprint reviews with snacks
  • Unlimited freshly brewed coffee
• How to apply
  • Sign in or Create an account in our 'e-recruitment System' and complete your profile 
  • From the ‘Candidate Profile’ section, click on the following:
  • BoC Logo or link
  • Job Search
  • Search Jobs
  • Click on the job vacancy you are interested in
  • Apply
  • Scroll down the page and click on ‘Apply’ again.