IT Risk & Control Framework Consultant

Talan – Positive Innovation

Talan is an international consulting group specializing in innovation and business transformation through technology. With over 7,200 consultants in 21 countries and a turnover of €850M, we are committed to delivering impactful, future-ready solutions.

Talan at a Glance

Headquartered in Paris and operating globally, Talan combines technology, innovation, and empowerment to deliver measurable results for our clients. Over the past 22 years, we’ve built a strong presence in the IT and consulting landscape, and we’re on track to reach €1 billion in revenue this year.

Our Core Areas of Expertise

• Data & Technologies: We design and implement large-scale, end-to-end architecture and data solutions, including data integration, data science, visualization, Big Data, AI, and Generative AI.
• Cloud & Application Services: We integrate leading platforms such as SAP, Salesforce, Oracle, Microsoft, AWS, and IBM Maximo, helping clients transition to the cloud and improve operational efficiency.
• Management & Innovation Consulting: We lead business and digital transformation initiatives through project and change management best practices (PM, PMO, Agile, Scrum, Product Ownership), and support domains such as Supply Chain, Cybersecurity, and ESG/Low-Carbon strategies.

We work with major global clients across diverse sectors, including Transport & Logistics, Financial Services, Energy & Utilities, Retail, and Media & Telecommunications.

As part of the IT Risk & Control Framework team, you will actively participate in:

• Managing technology and cybersecurity risks from a governance and control framework perspective.

• Participating in technology risk assessment processes (RCSA, risk assessments, gap analysis).

• Mapping Risks – Controls – KPIs/KRIs, ensuring traceability and consistency of the control framework.

• Analyzing audit findings (internal and/or external) and defining structured remediation plans.

• Implementing and monitoring regulatory requirements, especially in the areas of:

o DORA

o Operational Resilience

o Business Continuity

• Third Party Risk Management (TPRM):

o Third-party controls

o Outsourcing

o Technology providers

• Evaluation and improvement of policies, procedures, and technology standards.

• Preparation of:

o Procedures and formal documentation

o Dashboards and executive reporting

o Material for Risk and Technology committees

• Preparation of reporting for senior stakeholders in a global environment.

What are we looking for?

• High level of English (spoken and written) – international environment.

• +3 years of experience in:

o IT Risk Management, with a focus on technology and/or cybersecurity.

o Internal and/or external auditing in technological environments.

• Experience in:

o Technological risk assessments (RCSA, risk assessments, gap analysis).

o Risk–Control–KRI/KPI mapping.

o DORA, operational resilience, and business continuity.

o TPRM and third-party risk management.

• Experience in document management and reporting:

o Drafting procedures.

o Policy evaluation.

o Participation in committees.

o Preparation of reports for senior stakeholders.

• Proficiency in visualization and reporting tools, especially Power BI.

• Knowledge of Microsoft and ServiceNow environments.

Key Competencies :

• Structured thinking and strong control orientation.

• Ability to work independently and prioritize in demanding environments.

• Ability to interact with multiple stakeholders (IT, Risk, Compliance, Audit).

• Clear and effective communication, both written and verbal.

• Global vision of the technology control framework.

• Execution mindset: ability to translate regulations and frameworks into practical solutions.

• Proactive attitude, eagerness to learn and add value from day one.

• Ability to work in a team, contributing to a collaborative and positive environment.

We value profiles with a good attitude, commitment, and a desire for continuous improvement.