Our passion at SumUp is championing small businesses. We believe in creating technology that is flexible, fair, affordable and easy to use. Every day millions of people around the world dream of starting their own businesses. We strive to help them to do this. Our long-term ambition is to “close the loop” by enabling businesses to turn transactions with customers into long-term relationships.The Operational Risk team is a key component of SumUp’s second line of defense and is responsible for the ongoing assessment and monitoring of the group’s operational risks. We are looking for an experienced senior risk professional with expertise in Information and Communication Technology (ICT) & Cyber security to join our team in Europe.
What you’ll do:
You will assist the operational risk and enterprise risk management teams to identify, assess and monitoring the ICT risks inherent in our business activities
You will establish and implement ICT risk management strategy
You will support the existing team with oversight of the risk & control environment regarding ICT, Data and Cyber risk
You will build strong relationships with our engineering and product teams and support with education and embedding a sound risk culture within the first line of defence.
You will provide subject matter expertise around IT risk and control frameworks, being the first point of contact for all IT risk and control queries.
You will assist with the design and maintenance of the company’s operational resilience framework with a focus on IT components.
You will drive the development, monitoring and reporting on IT risk appetite metrics and tolerances
You will track and progress all IT risk related actions; including Risk assessments, Internal Audit, External Audit and Business Continuity actions.
You will ensure compliance with operational and security risk regulations globally and support with internal and external risk reporting requirements
You will assist and oversee our engineering and product teams in delivering risk assessments, developing key risk indicators and reporting incidents & operational losses and monitoring emerging trends
You will manage open issues identified during the risk assessment process.
You’ll be great for this role if:
You have a solid Communication technology (CT) risk management expertise
You come with 5+ years in similar/related role
You possess significant understanding of risk management frameworks and experience conducting risk and control self assessments, incident management, development of key risk indicators
You have excellent stakeholder management, communication skills, excellent attention to detail and strong time management
Nice to have:
Professional qualification in risk management
Certification in Risk and Information Systems Control (CRISC) and/or ISO 31000
Why you should join SumUp:
We’re a global and growing team of 3500+ people from 90+ nationalities, spread across 4 continents.
You can truly create your own path here and help us shape the future for small businesses globally.
You’ll receive a budget for your individual development, attending conferences and external training.
We offer a competitive compensation package, including subsidised childcare, private health insurance, life insurance, mental well-being support, and 25 days of paid leave.
You will have access to the SumUp Sabbatical, our Employee Referral and Employee assistance programme for mental health as well as Fitness and language learning benefits.
We get together regularly for breakfasts, team events, and office parties.
About SumUp:
We believe in the everyday hero. Small business owners are at the heart of all we do, so we're creating tools that help them run their businesses. With a founder’s mentality and a 'team-first' attitude, our diverse teams across Europe, South America, and the United States work together to ensure that the small business owners we partner with can be successful doing what they love.
SumUp is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. SumUp does not make hiring or employment decisions on the basis of race, colour, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender identity, sexual orientation, disability, age or any other basis protected by applicable laws or prohibited by company policy. SumUp also strives for a healthy and safe workplace and strictly prohibits harassment of any kind.
SumUp will not accept unsolicited resumes from any source other than directly from a candidate.
Job Application Tip
We recognise that candidates feel they need to meet 100% of the job criteria in order to apply for a job. Please note that this is only a guide. If you don’t tick every box, it’s ok too because it means you have room to learn and develop your career at SumUp.