Every moment counts. Especially those you live to the fullest. Welcome to Consort Group.
For over 30 years, Consort Group has been helping companies leverage their data and infrastructure. It is backed by two leaders, Consortis and Consortia, and places people and social responsibility at the heart of its values.
This is your future team
Established in 2021, Consort Portugal supports the strategic offshoring choices of our clients, particularly in Europe, and brings our expertise in infrastructure services to the Portuguese market. With a team of around 45 employees, our Service Center based in Porto is developing a dynamic nearshore business, offering the French and European markets an environment of excellence and high potential.
Are you passionate about IT Risk Management, Third-Party Risk Management (TPRM), Cloud Governance, and Regulatory Compliance? Then this position is for you.
As an IT Risk Specialist, you will be responsible for supporting the deployment of Third-Party IT Risk Management processes, Cloud risk governance, and DORA compliance initiatives within an international financial services environment.
Coordinate Cloud solution assessment activities and related deliverables.
Support the deployment and continuous improvement of Third-Party IT Risk Management (TPTRM) processes.
Contribute to DORA compliance initiatives for supplier and intra-group sourcing contracts.
Assist Procurement teams in supplier due diligence activities and contract remediation processes.
Maintain and improve data quality within BNP Paribas Group governance and risk management tools.
Support the implementation of IT Risk governance frameworks, controls, and reporting processes.
Organize and facilitate steering committees related to third-party and intra-group risk management.
Monitor and report the progress of Cloud documentation and compliance activities.
Maintain and update IT Risk indicators, controls, and governance dashboards.
Follow up on Key Risk Indicators (KRIs), obsolescence, Shadow IT, Light IT, and permanent control activities.
Support the monitoring of IT Risk Quality, historical incidents, and remediation plans.
Manage administrative activities related to IT Risk governance and reporting.
Ensure the ongoing follow-up of third-party supplier risks and Cloud-related risks.
Maintain compliance with internal procedures, methodologies, and regulatory requirements.
You have at least 2 years of experience in IT Risk Management, Cybersecurity Governance, Third-Party Risk Management, or a related IT governance function.
You are comfortable working in regulated environments, coordinating multiple stakeholders, and ensuring high-quality governance and compliance deliverables. You are organized, detail-oriented, and capable of driving activities autonomously while respecting deadlines and procedures.
IT Risk Management and Governance
Third-Party Risk Management (TPRM)
Cloud Risk Management
DORA Compliance
Regulatory and Security Frameworks
Supplier Risk Assessment
IT Control and Risk Reporting
IT Risk Management
Third-Party Risk Management (TPRM)
Cloud Risk Governance
DORA Regulation
ServiceNow GRC (IT Module)
Supplier Due Diligence (SDD)
IT Controls and Key Risk Indicators (KRIs)
Risk Reporting and Governance
Microsoft Excel and MS Office Suite
ISO 27001 knowledge (highly desirable)
Excellent organizational skills
Strong written and verbal communication skills
Ability to facilitate meetings and coordinate stakeholders
Analytical and detail-oriented mindset
Result-driven approach
Good listening and questioning skills
Ability to work effectively in a multicultural environment
Autonomous and proactive attitude
Attentive and human onboarding
A truly hands-on management style
Continuous training opportunities
Concrete commitments: inclusion, equality, solidarity
A comprehensive HR package: health insurance, TR card, CSE, pension plan
A culture of feedback and meaningful projects
An initial phone call with our recruitment team
An HR interview and a job interview with a business engineer
A test or technical interview with one of our experts
A final meeting with your future manager or project manager
