IT Risk Analyst - Risk Governance

Employer: Booking Holdings Center of Excellence
  • IT Software
  • Job type: full-time
    Job level: 1 - 5 years of experience
  • nationwide
    Updated at: 28.11.2022
    Short company description

    Booking Holdings Romania is a Center of Excellence based in Bucharest, Romania and was created to support the increasing business demands of the Booking Holdings Brands. The Center of Excellence provides access to specialized and highly skilled talent, leading industry best practices, and collaboration opportunities across all of our Brands.

    As part of our Booking Holdings Romania team, you will have the opportunity to be a part of the world’s leading provider of online travel, with a mission of making it easier for everyone to experience the world through six-primary consumer-facing brands:, Priceline, Agoda, KAYAK, OpenTable and


    About The Role

    The IT Risk Analyst is responsible for partnering with risk owners throughout the Tech business function and other business units to design and maintain internal controls in line with our risk appetite and to maintain the quality of our processes. The role requires to work closely with stakeholders from multiple departments and to have a strong big picture focus, but be able to zoom in and out of the details to ensure full process understanding.

    Responsibilities and skills required for the IT Risk Analyst role are tightly linked to the Capability Area they work for, in Risk Management (focus on risk identification, analysis and treatment), Risk Governance & Project Management (focus on policy governance), or Third Party Risk Management & Customer Trust (focus on 3rd party risk).

    The IT Risk analyst role requires solid stakeholder management skills, and to be comfortable with challenging risk owners to come up with robust, scalable solutions which mitigate key risks while enabling successful business operations.


    1-3 years of experience gained within IT compliance, IT internal controls or IT audit
    First hand experience in risk governance activities
    Hands on experience with activities like identification of risk, risk register creation and maintenance etc. Knowledge of Risk acceptance/ risk exception as a process and their triaging
    Experience in policy framework lifecycle (creation till maintenance) along with gap assessment over existing policies and standards
    Knowledge of security frameworks/ standards/ compliances
    Ability to develop solid relationships with business partners in order to drive the adoption of the risk management culture
    Basic technical understanding of internal control requirements and design and experience in applying them in various businesses
    Stay flexible to meet the dynamic business needs, while maintaining robust solutions that strengthen the IT control environment
    Able to split large tasks into logical, manageable and decoupled actions which are managed effectively and delivered on time
    Be flexible and agile in response to the change in business, change in stakeholder expectations and/or change in regulatory/operating environment of Booking Holdings
    Strong independent contributor, while still a strong team player



    Support technology process owners to identify risks and assist them with designing and implementing optimal controls to mitigate risks
    Identify cybersecurity-related risks for new business initiatives and work with the relevant control owners to implement appropriate safeguards to protect Booking Holdings assets
    Document, agree and release security policies and procedures together with Technology stakeholders
    Perform policy gaps assessments and define risks from identified gaps
    Expand Technology risk register with all identified risks from policy gaps, policy exception, internal and external assessments
    Stay flexible to meet the dynamic business needs, while maintaining robust solutions that strengthen the IT control environment
    Support with identifying risk associated with technology policy exceptions as part of the exception management process

    Other info


    Contributing to a high scale, complex, world renowned product and seeing real-time impact of your work on millions of travelers worldwide
    Working in a fast-paced and performance driven culture
    Technical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation
    Competitive compensation and benefits package
    Vast amounts of data to validate your ideas and the opportunity to experiment with real users

    Booking Holdings is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.