At Fresenius Kabi, we are committed to life - delivering high-quality and innovative solutions to improve the lives of patients worldwide. As part of our continued digital transformation, we are looking for a Senior Manager IT Risk Management to strengthen our IT governance and compliance framework. This role plays a key part in identifying and mitigating IT risks, enhancing system resilience, and embedding risk awareness across the organization.Your RoleAs Senior Manager IT Risk Management, you will drive the design, implementation, and evolution of IT risk management practices. You will assess risks across systems, data, and infrastructure, support audit processes, and develop mitigation measures in collaboration with stakeholders. By applying recognized industry standards and your subject matter expertise, you will help safeguard our IT landscape and ensure regulatory compliance.Your ResponsibilitiesStrategic ResponsibilitiesContribute to designing and enhancing IT risk management frameworks aligned with the company's overall IT and business strategies.Help define and maintain IT risk policies, standards, and procedures based on organizational risk tolerance.Feed risk insights into strategic decision-making and future IT investments to ensure a secure, forward-looking governance model.Tactical ResponsibilitiesEnsure compliance with relevant regulations and standards such as GDPR, ISO/IEC 27001, HIPAA, FDA, CMS, and PCI-DSS.Conduct regular IT risk assessments using industry frameworks (e.g., NIST SP 800-30), identify vulnerabilities, and implement targeted mitigation plans.Support the restructuring of IT risk management processes and contribute to the creation of effective incident response procedures.Develop and roll out standardized training programs to build awareness around IT risk and security practices.Operational ResponsibilitiesMonitor and evaluate IT risk activities using frameworks such as CMA (Control Maturity Agreement), and report regularly to relevant IT and business stakeholders.Maintain a comprehensive IT risk register, capturing all key risks, indicators, and corresponding mitigation measures.Collaborate with IT Process Owners and functional teams to embed risk controls into daily operations.Coordinate timely mitigation of identified risks in cooperation with IT and business stakeholders.Stay up to date with emerging risks and trends in IT and proactively address potential threats.Your ProfileQualificationsCompleted university degree in Economics, Computer Science, Information Technology, or a related discipline.Solid understanding of IT environments, with hands-on experience in IT risk management, service management, or cybersecurity.Excellent written and verbal communication skills in English, with the ability to present complex risk topics to both business and technical audiences.Experience & Expertise7+ years of experience in IT risk management, information security, or compliance-related roles.At least 2 years of experience working with top-level stakeholders to promote risk awareness and support compliance initiatives.Demonstrated experience in implementing risk frameworks, performing IT risk assessments, and driving mitigation planning.Ability to work across global matrix structures and navigate cross-functional collaboration challenges (e.g., virtual teams, time zones, cultural differences).Technical KnowhowSolid knowledge of IT infrastructure, applications, and security controls.Familiarity with current and emerging technologies and their risk implications (e.g., cloud, IoT, AI).Strong understanding of relevant regulations, standards, and frameworks such as ISO/IEC 27001/27005, NIST SP 800-30, GDPR, HIPAA, and PCI-DSS.Professional certifications such as CISSP, CRISC, CISM, or equivalent are strongly preferred.Additional credentials in project management or ITIL are considered a plus.Why Join Us?At Fresenius Kabi, you will have the opportunity to shape how IT risk is managed across a global healthcare company that's transforming its digital landscape. You'll work in a dynamic and collaborative environment, contribute to meaningful work, and help ensure the secure delivery of solutions that support healthcare professionals and patients around the world.
