Inetum is a global leader in IT services, dedicated to delivering innovative solutions to our clients. We are committed to fostering a dynamic and inclusive work environment that values diversity, where creativity and collaboration can thrive. We are present in 19 countries and have more than 28,000 employees worldwide.

If you are looking for a dynamic, innovative, and technology-driven company, Inetum is the place for you! Come be part of Inetum!

To strengthen the IT Risk Center of Excellence (COE) team (based in Nanterre, France) is seeking a Junior IT Risk Specialist, to be based in Lisbon.

This role will be part of an international team responsible for the deployment and ongoing management of Third-Party IT Risk Management (TPTRM), including Cloud solutions, across France and international entities.

Key Responsibilities

The Junior IT Risk Specialist will support the administration, coordination, and follow-up of IT Risk processes, with a strong focus on TPTRM and Cloud Risk Management, ensuring high-quality reporting and compliance across the organization.

Key responsibilities include:

• Support the administration and follow-up of IT Risk COE processes for France and international entities
• Prepare and maintain reports for internal stakeholders and entities
• Ensure proper documentation, traceability, and data quality across IT Risk activities

Main Functions

Cloud & TPTRM Coordination

• Coordinate Cloud solutions assessment deliverables
• Track and report progress of Cloud documentation to Cloud Leaders
• Act as a middle-office support for the TPTRM team
• Maintain high data quality in BNPP Group tools related to IT third parties

IT Risk Management Activities

Perform administrative and follow-up activities covering all IT Risk domains, including but not limited to:

• Key Risk Indicators (KRIs)
• IT obsolescence monitoring
• Shadow IT / Light IT identification
• Permanent control processes
• IT Risk Quality framework
• Risks related to third-party suppliers (TPTRM)
• Cloud-related IT risks
• Recommendations and action plan follow-up
• Historical incidents tracking

• Minimum 2 years of experience in IT Risk, Cyber Security or related fields
  (general IT knowledge is sufficient – no deep technical expertise required)
• Fluent in English (mandatory)
• Hands-on experience with ServiceNow GRC – IT module
• Solid knowledge of ISO 27001 / ISO 27005 (highly valued)
• Strong proficiency in Microsoft Office, especially Excel
• Excellent organizational, communication, and reporting skills
• Ability to manage and facilitate meetings in a multicultural environment
• Strong attention to quality, deadlines, and compliance with procedures
• Analytical mindset, good listening skills, and results-driven attitude

Valued (Nice to Have)

• Basic knowledge of Cloud solutions
• Fluency in French and/or Spanish

• Availability to travel within Portugal
• Availability to travel internationally, as required