Manager - Risk Frameworks

About Us:

At Booking.com, data drives our decisions. Technology is at our core. And innovation is everywhere. But our company is more than datasets, lines of code or A/B tests. We're the thrill of the first night in a new place. The excitement of the next morning. The friends you encounter. The journeys you take. The sights you see. And the memories you make. Through our products, partners and people, we make it easier for everyone to experience the world.

Leadership/Team Quote:

The role of the Risk & Control function within Booking.com is to empower the business to make and implement informed, risk-based decisions. Beyond establishing the overarching risk management frameworks and tooling, we also directly support many of the company's top priorities and risk domains, for example through practical advice on the application of risk frameworks, driving risk assessments, supporting control design, and challenging risk decisions.

Role Description:

The Risk Manager - Risk Frameworks is a role within the Risk & Control function, responsible for developing, maintaining and embedding Risk Policies, procedures and frameworks, developing and implementing a training program. The Risk Manager acts as a Risk Framework advisor and ensures alignment with the wider risk and compliance community.

Tasks & Responsibilities

• Develops and maintain Risk Management Policies, Procedures, and Frameworks:
  
  
  • Aligns frameworks with key stakeholders with B.com and BHI
  • Maintains central register of all framework documents
• Embeds/ drives adoption of the Risk Framework:
  
  
  • Publishes and communicate
  • Develops and provides training on risk frameworks
  • Advises and challenges on the correct application of the Framework
  • Embeds frameworks in the GRC tool
• Coordinates the broader B.com risk community
  
  
  • Ensures knowledge sharing and alignment on frameworks and ways of working
• Contributes to R&C reporting
• Coaches more junior risk professionals

• 8+ years of experience in Risk Management
• Bachelor's degree or higher in a relevant field (Master's Degree is preferable). Alternatively compensating years of experience
• Advanced risk management & compliance knowledge and experience including:
  
  
  • IT Risk Management and IT Governance
  • Operational Risk Management
  • SOx, ICOFR, COSO
  • Experience in other relevant compliance domains (e.g. GDPR, DMA, DSA, FCRM) is advantageous
  • Experience with high priority technology domains incl. Cybersecurity (NIST, ISO 27001), Cloud, Data, AI is advantageous
  • Qualifications related to any of the above are advantageous (incl. CRISC, CRM, CRMP, FRM, CISM, CCSP, CGEIT, CIPM, CPA, ACCA, CIA, CISA)
• Strong stakeholder management skills
• Strongly process-, problem solving- and action-oriented
• Fully comfortable working in English, both written and spoken
• Experience with large e-commerce or tech companies is advantageous
• Project and/or Line management experience is advantageous