Welcome to the team:
Head of ICT Enablement & Compliance (Group ICT Risk & Resilience Management) (m/f/diverse)

  • Function
    Function:
    Risk / Credit / Financing
  • Location
    Location:
    Praha
  • Job type
    Job type:
    / Full time / Part time
  • Application deadline
    Application deadline:
    7 / 30 / 2026
  • Management / Joint Leadership
    Management / Joint Leadership:
    Management / Joint Leadership

Your tasks

As Head of ICT Enablement & Compliance in GRM-ICT RRM, you will be responsible for steering and developing a function that promotes the bank-wide embedding of ICT risk awareness, regulatory compliance and effective enablement structures across the bank and its relevant ICT contractors.

You will shape the strategic and operational development of the function and help anchor regulatory requirements, governance standards and risk-oriented behaviour across the organisation in an effective and sustainable way.

In this role, you will ensure that relevant requirements from ICT risk management, information security and digital operational resilience are brought into the organisation through appropriate communication, training, awareness and advisory formats as well as controls. Separately, you will develop and lead a dedicated ICT third-party risk management function.

Reporting directly to the GRM-ICT RRM divisional board member, you will work closely with them and adjacent business/IT areas to develop an effective target picture for four departments: ICT advisory, ICT awareness, ICT controls and ICT third-party risk management, and translate it into sustainable measures.

You will address regulatory and subject-matter requirements in a target-group-oriented way, communicate complex matters clearly and create the basis for sound decisions as well as a sustainable compliance and risk culture.

Your responsibilities will include the functional leadership of the assigned departments. In this role, you will lead approximately 23 FTE across the assigned departments.

In addition, the following responsibilities will fall within your remit as Head of ICT Enablement & Compliance and that of your team:

  • Functional and strategic leadership of the ICT Enablement & Compliance function in GRM-ICT RRM, including the leadership of the assigned managers and teams
  • Development of a cross-functional target picture for ICT-advisory, ICT awareness, ICT controls and ICT third-party risk management and the sustainable embedding of regulatory requirements
  • Supporting the organisation in implementing requirements arising from ICT risk management, information security and digital operational resilience incl. effective advisory work by promoting a “security by design” approach
  • Driving an ICT awareness program relying on target-group-oriented communication, training and enablement measures
  • Developing and maintaining a risk-based ICT controls framework, including standards, guidance, monitoring and challenge activities for relevant 1st LoD controls, while ensuring appropriate oversight of 2nd LoD controls
  • Develop and manage a dedicated ICT third-party risk management framework, aligned with the bank’s broader third-party risk management function and ICT risk management framework, to ensure the appropriate management of ICT risks arising from the bank’s multiple third-party relationships
  • Deriving focus topics and measures from regulatory developments, audit findings, risks, incidents and organisational implementation needs
  • Close collaboration with internal and external stakeholders, in particular adjacent 2nd line functions, HR, Communications, the 1st Line, audit functions and supervisory authorities
  • Supporting and developing employees with specialist, project and leadership responsibilities, as well as contributing to recruiting and succession planning
  • Making decisions within your area of responsibility with a focus on quality, effectiveness, risk and sustainable implementation
  • Reporting on key developments, measures, risks and progress within the area of responsibility
  • Ensuring efficient, quality-conscious and risk-aware delivery of responsibilities in line with regulatory requirements and a mindset of continuous improvement

Your Profile

  • Commercial vocational training, preferably in banking or finance, and/or a university degree, ideally related to business administration, computer science/information technology, business informatics, governance, compliance, risk management or comparable fields, combined with ten years of professional and leadership experience
  • Several years of professional experience in ICT risk, information security, governance, compliance, regulatory transformation or organisational enablement, ideally in a banking environment
  • Experience in developing and steering cross-functional initiatives, programmes or change projects
  • Very good understanding of regulatory requirements and the ability to translate them into target-group-oriented communication, training and implementation formats
  • Strong analytical and conceptual skills, combined with the ability to communicate complex matters clearly, effectively and with the target audience in mind
  • A strong sense of responsibility and the ability to support and develop employees and managers in a demanding environment
  • Confident presence, excellent communication skills and sound stakeholder management when working with management, business units and relevant interfaces
  • A high level of commitment, quality awareness and delivery strength
  • Very good command of English and preferably German language skills

Our Benefits

  • 30 days of vacation
  • Employer-funded pension
  • Flexible work
  • Employee conditions
  • Digital learning
  • Diversity
  • Family & job friendly
  • Friendly work environment
  • Inspiring company culture
  • Work-life balance

30 days of vacation; Employer-funded pension; Flexible work; Employee conditions; Digital learning; Diversity; Family & job friendly; Friendly work environment; Inspiring company culture; Work-life balance

The company

Group ICT Risk & Resilience Management (GRM-ICT RRM) is responsible, within the 2nd Line of Defence, for steering and further developing the bank-wide ICT risk management framework and digital operational resilience. The function sets the framework for dealing with ICT, information security and cyber risks and supports the sustainable implementation of regulatory requirements, in particular in the context of DORA.

ICT Enablement & Compliance makes a significant contribution by translating regulatory and business requirements into effective awareness, advisory, controls and third party risk management processes. In this way, risk-oriented and compliant behaviour is strengthened across the bank, responsibilities are clearly embedded, and the organisation is effectively supported in sustainably implementing requirements.

Contact

Are you ready to join a strong team from 01.12.2026 or earlier, either full-time or part-time? Then we look forward to receiving your online application by 30.07.2026.