Senior IT Risk & Control Manager

upporting control design, and challenging risk decisions.

Role Description:

The Senior Manager - Risk Partner is a key role within the Risk & Control function, responsible for overseeing the risk management activities that directly support one or more tech/product business units. In addition to directly leading a team of risk professionals, the Risk Partner also acts as a strong advisor to business unit leadership, and as a primary point of contact for the wider risk and compliance community across Booking.com.

Key Job Responsibilities and Duties:

• Leads a team of risk professionals who:

  • Advise tech/operational teams in risk identification and assessment, risk response plans and design & implementation of controls
  • Provide SME support for all risk management activities owned by the Tech & Operational Teams, incl. supporting key business priorities/Must Do's, major IT changes and new products

• Central POC for 2nd line and audit

  • First point of contact for other Risk/Compliance functions for all new work instructions, e.g. relating to new regulations
  • Closely collaborates with other key risk functions, including Security, Privacy, Legal, Compliance
  • Filters/prioritises and coordinates topics that span multiple teams within the BU/BF
  • Coordinates audit activities (Operational & SOx), including audit readiness and tracking/reporting on audit finding remediation

• Enables Business Unit Leadership in the effective implementation and operation of risk management in the business unit

  • Provides BU-level reporting to BU LT and other stakeholders
  • Advises BU LT on key risks, escalates issues/risks to BU LT and 2nd line where needed
  • Facilitates adoption of frameworks and policies issued by 2nd line, and embedding of risk, security and compliance culture
  • Where applicable, runs/oversees BU-level governance mechanisms, e.g. a risk forum, or a compliance committee
  • Where required, defines business-specific risk management frameworks and procedures
  • Drives and supports initiatives to elevate the maturity of risk management and compliance, including through training and awareness campaigns

• Continuously monitors risks and controls

• Reviews exceptions (incl. control issues, policy exceptions) to identify and report on critical or thematic issues

• Actively contributes to the maturity of risk management across Booking.com

Qualifications & Skills:

• 10+ years of experience in Risk Management

• Bachelor's degree or higher in a relevant field (Master's Degree is preferable). Alternatively compensating years of experience (3 to 5 years in addition to above)

• Advanced risk management & compliance knowledge and experience including:

  • IT Risk Management and IT Governance
  • Operational Risk Management
  • SOx, ICOFR, COSO
  • Experience in other relevant compliance domains (e.g. GDPR, DMA, DSA, FCRM) is advantageous
  • Experience with high priority technology domains incl. Cybersecurity (NIST, ISO 27001), Cloud, Data, AI is advantageous
  • Qualifications related to any of the above are advantageous (incl. CRISC, CRM, CRMP, FRM, CISM, CCSP, CGEIT, CIPM, CPA, ACCA, CIA, CISA)

• Advanced stakeholder management skills

• Line management experience

• Strongly process-, problem solving- and action-oriented

• Experience with large e-commerce or tech companies is advantageous

Benefits & Perks - Global Impact, Personal Relevance:

Booking.com's Total Rewards Philosophy is not only about compensation but also about benefits. We offer a competitive compensation and benefits package, as well unique-to-Booking.com benefits which include:

• Annual paid time off and generous paid leave scheme including: parent, grandparent, bereavement, and care leave

• Hybrid working including flexible working arrangements, and up to 20 days per year working from abroad (home country)

• Industry leading product discounts - up to 1400 per year - for yourself, including automatic Genius Level 3 status and Booking.com wallet credit

Diversity, Equity and Inclusion (DEI) at Booking.com:

Diversity, Equity & Inclusion have been a core part of our company culture since day one. This ongoing journey starts with our very own employees, who represent over 140 nationalities and a wide range of ethnic and social backgrounds, genders and sexual orientations.

Take it from our Chief People Officer, Paulo Pisano: "At Booking.com, the diversity of our people doesn't just build an outstanding workplace, it also creates a better and more inclusive travel experience for everyone. Inclusion is at the heart of everything we do. It's a place where you can make your mark and have a real impact in travel and tech."

We ensure that colleagues with disabilities are provided the adjustments and tools they need to participate in the job application and interview process, to perform crucial job functions, and to receive other benefits and privileges of employment.

Application Process:

• Let's go places together: How we Hire

Booking.com is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.

Pre-Employment Screening

If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.