B

IT Risk & Compliance Officer

Companie Verificata

Adaugat: 2 săptămâni în urmă

Acest anunt este cu aplicare externa. Cand dati click pe Aplicare Externa veti fi redirectionat pe un alt site pentru a aplica.

Companie :
BOOKING HOLDINGS ROMANIA S.R.L.
Functia Jobului :
Software & analiza datelor
Industrie :
IT si telecomunicatii
Locatie :
Tip job :
Program Full Time
Nivel experienta :
Senior
Vechime :
5 - 6 ani
Descriere:

Booking.com follows a defense in depth strategy for managing its risks. As part of this strategy, Booking has 3 departments focusing on each line of defense. Global Internal Audit (GIA) is responsible for the 3rd line of defense, Risk and Controls (R&C) is responsible for the 2nd line of defense, while the responsibility of 1st line has been distributed between process/control owners and the Trust, Risk, Assurance and Compliance (TRAC) team. The TRAC team is quasi Risk and Controls team closer to the 1st line (process and control owners) and supports in design and maintenance of the internal controls in line with Booking’s risk appetite.
The IT Risk & Compliance Officer is part of the Risk Management capability of TRAC and is responsible for partnering with risk owners throughout the Central Technology business function and other business units to support design and maintenance of internal controls in line with our risk appetite and to maintain the quality of our processes. The role requires to work closely with stakeholders from multiple departments and to have a strong big picture focus, but be able to zoom in and out of the details to ensure full process understanding.
The role is focused on leading the identification of technology-related risks for various technology platforms, including, but not limited to: cybersecurity, IT, privacy and regulatory compliance risks. This role requires engaging with senior technical stakeholders (developers, engineers, managers, etc.) to identify appropriate risk responses, and supporting and maintaining a fit-for-purpose IT controls framework, including the development of additional IT controls to manage risks.
The IT Risk & Compliance Officer is also a subject matter expert leveraging a deep understanding of the enterprise risk discipline combining deep knowledge of theory and organizational practice or expertise across several different disciplines within a function. This role requires solid knowledge of IT general controls and cybersecurity controls to mitigate technology-related risks across the organization. Successful risk expertise requires dynamic individuals who are able to liaise with various senior stakeholders and thus need to be articulate communicators, foster collaboration, integrate perspectives and drive to business beneficial outcomes. This position requires strong stakeholder management skills and requires an individual who can influence others who are skeptical or unwilling to accept new concepts, practices and approaches.
This role provides a hybrid way of working with an onsite presence of 2 days/week.
Key Job Responsibilities and Duties

  • Build knowledge of internal controls, systems and process landscape to enable clear understanding of impact and Lead Initiative affecting wider organizations.
  • Looks for ways to increase the business impact of the team and improve the team’s services and how the team functions.
  • Promote control owners accountability for IT control performance and documentation.
  • Assess controls to provide assurance of control performance.
  • Provide advice on control & indicators design that are both sustainable and right sized (i.e. a simple solution for a simple problem, no overengineering).
  • Enable continuous improvement, maintaining our Booking.com controls catalogue, by providing general and technical guidance on how to maintain relevant controls.
  • Coordinate new requests from the business functions and units for support with controls.
  • Support business functions and units in ongoing compliance with SOX, PCI, GDPR and other control areas.
  • Provide support to SOX-IT Audits, PCI assessments, NIST Assessments, with needed walkthoughts, documentation and follow ups.
  • Assist in the development and leading of regular training/awareness programs to train and educate risk owners on internal controls topics.
  • Stay flexible to meet the dynamic business needs, while maintaining robust solutions that strengthen the control environment.
  • Be able to split large tasks into logical, manageable and decoupled actions which are managed effectively and delivered on time.
  • Support IT Risk and Compliance analysts when specific expertise is required.
  • Control mapping of internal control to industry frameworks and best practices.
  • Reporting on control execution, coverage, KPI and issues through booking reporting and dashboarding tools (Jira, Tableau, ServiceNow).


Benefits

  • Health insurance
  • Prepaid medical subscription (Regina Maria)
  • Life insurance
  • Meal vouchers
  • Learning wallet
  • Travel benefit
  • Annual vacation leave of 25 business days, pro rata with the working period
  • Birthday day off
  • Summer break (short Fridays during summer)
  • Work from Abroad program (up to 20 days/year in EU)
  • Floating days off
  • 2 Volunteer days/ year
  • Home office one-time bonus
  • Bookster
  • Linkedin learning platform
  • Headspace
  • Employee discounts (travel, gym, dental, vision)


  • 5 - 8 years of relevant experience.
  • Bachelor’s Degree.
  • Work experience in business analysis, auditing, corporate governance, risk management or internal controls.
  • Ability to develop solid relationships with business partners in order to drive the adoption of the risk management culture.
  • Thorough technical understanding of internal control requirements and design and experience in applying them in various businesses.
  • Able to split large tasks into logical, manageable and decoupled actions which are managed effectively and delivered on time.
  • Knowledge of Regulatory and Compliance frameworks affecting Technology - SOX, PCI, NIST, COBIT.
  • Familiar with ServiceNow, Google Suite, Jira tools (or similar), Cloud environments is a plus, but not mandatory.
  • Familiarity with a DevOps environment is a plus, but not mandatory.
  • Excellent program management skills.
  • Strong stakeholder engagement skills (control/process owners, audit).
  • Demonstrates the ability to make decisions, assess and resolve problems effectively.
  • Enthusiastic, self-starting and enjoys change.
  • Hands-on experience with large e-commerce or tech companies is preferable.
  • Be flexible and agile in response to the change in business, change in stakeholder expectations and/or change in regulatory/operating environment of B.com.
  • Strong independent contributor, while still a strong team player.


Booking Holdings Center of Excellence is part of Booking Holdings, the world's leading provider of online travel and related services, with a rich heritage of digital innovation. The Center provides access to specialized and highly skilled talent, supports projects powered by new and emerging technologies, leverages industry best practices, and fosters collaboration opportunities across all of the Booking Holdings brands, including Booking.com, Priceline, Agoda, KAYAK and OpenTable.

If you are interested to find out more about the Booking Holdings Center of Excellence visit our website: www.bookingholdings-coe.com.

Booking Holdings (NASDAQ: BKNG) is the world’s leading provider of online travel and related services, provided to consumers and local partners in more than 220 countries and territories through five primary consumer facing brands: Booking.com, Priceline, Agoda, KAYAK and OpenTable. The mission of Booking Holdings is to make it easier for everyone to experience the world.

Sfaturi de siguranta

  • Nu trimiteti niciodata BANI in avans sau acte de identitate pentru aplicarea la un loc de munca. Nu trimiteti bani in avans pentru promisiuni de angajare sau alte oferte similare.
  • Daca aveti impresia ca acest anunt nu este real, va rugam sa il raportati apasand butonul "Raporteaza Job"
Raporteaza Job

This action will pause all job alerts. Are you sure?

Cancel Proceed
Esti la un pas de noua ta cariera!: IT Risk & Compliance Officer
Autentificare si aplica acum: Utilizati email si parola pentru a va autentifica:
Ad
Raporteaza
Share Job Via Sms

Fii informat

Aboneaza-te la newsletter-ul nostru si primeste cele mai recente oferte de munca si informatii despre cariera direct in inbox-ul tau.

Securitatea datelor dumneavoastra este importanta pentru noi. Citeste Politica de confidentialitate.

B-dul Dimitrie Pompeiu Nr. 9 - 9A, Iride Business Park, Bucuresti

© 2026 Jobradar24. Toate drepturile rezervate.

Or your alerts