ICT Risk Manager (Payments)

Full Time
1 month ago

Airbnb was born in 2007 when two Hosts welcomed three guests to their San Francisco home, and has since grown to over 4 million Hosts who have welcomed more than 1 billion guest arrivals in almost every country across the globe. Every day, Hosts offer unique stays and experiences that make it possible for guests to connect with communities in a more authentic way.

The Community You Will Join:

To power the global Airbnb community, we are building a world-class payments platform - one that currently supports 191 countries, 70 currencies, connects dozens of payment providers and banks, and processes billions of dollars per year for all of Airbnb’s business units. As the platform grows, we’ll be adding new payment partners, establishing licensed payments companies around the world, and building innovative payment experiences and financial products for our guests and hosts. Our goal? To create a future where transparent, simple, and familiar payment solutions can empower people, entrepreneurs and communities on our global marketplace.

The Difference You will Make:

As the ICT (Information & Communication Technology) Risk Manager for Airbnb Payments, based in our London office, you will report to the Managing Director of Airbnb Payments UK with a dotted line to the Managing Director of Airbnb Payments Luxembourg.  The role will be responsible for strengthening the digital operational resiliency of Airbnb Payments group, including through the implementation and management of processes and documentation required by the new EU Digital Operational Resiliency Act (‘DORA’) and other similar ICT related requirements across the geographies where APUK / APLUX Airbnb Payment entities operate.

A Typical Day: 

  • Implement and manage Airbnb Payments’ ICT Risk Management framework across multiple time zones, especially the US and Europe
  • Lead payments-focused ICT Risk Assessment with the Information Security Team
  • Maintain ICT Risk Register for Airbnb Payments entities and implementation of required controls 
  • Update ICT Risk Management framework in response to events
  • Continually review & refresh ICT policies and procedures in addition to ensuring compliance to those policies
  • Oversee security testing coverage( penetration testing/vulnerability assessments) over payments functions/processes
  • Manage ICT Business Continuity Plan & Testing
  • Detailed knowledge of  Operational Resilience testing (regulated entity)

Project Management

  • Create regular reporting to the Management team and Board of Directors
  • Coordinate  and manage ICT incident response and remediation with different stakeholders
  • Ensure timely updates from different teams on ICT Risk Management 
  • Project manage different exercises: ICT risk assessment, Business impact assessment and systems testing

Vendor Management

  • Monitor and assess Third Party SLAs and performance
  • Oversee vendor due diligence and risk assessment
  • Ensure timely reporting of third party incidents and regular follow-ups through to remediation and learning

Regulatory Communication & Reporting

  • Serve as single point of contact for all ICT related regulatory communications
  • Lead ICT related regulatory audit response and inspections
  • Manage all ICT related internal and external audit reviews
  • Prepare and manage all ICT related regulatory reporting
  • Operational Resilience controls and testing

Your Expertise:

  • Bachelor Degree or other advanced degree level in related fields
  • Problem solving mindset supported by strong analytical and technical skills
  • Ability to learn quickly - new systems, functions and domains
  • Strong written and verbal communication skills
  • Experience working in matrix organizations and competence in leading through influence without direct reporting lines
  • Willing to roll up sleeves and get things done
  • An analytical approach to measuring/optimizing performance
  • Ability to influence peers and stakeholders at all levels within the organization and senior stakeholders externally as needed
  • High level of comfort with ambiguity and able to manage multiple competing priorities
  • Experience working in an EU/UK regulated financial services environment

Technical Skills

  • Technical and Business education
  • Sound knowledge of EU financial service regulations as they relate to ICT and InfoSec Risk Management
  • Thorough knowledge of Payment systems and technology as well as keeping up to date with relevant innovations in the field
  • Strategic thinking in service of business goals and company strategy
  • Expert knowledge of Payments infrastructure and needs (gateways, orchestration, process mapping) 
  • Expert knowledge of risk assessment and prevention
  • Be familiar with key ICT resilience & InfoSec concepts 
  • Strong IT and security background

Soft Skills

  • Ability to work autonomously as well as to collaborate with core team and across stakeholder groups 
  • Analytic mindset trained in detailed and structured work
  • People skills necessary to assist/support non-technical profiles whenever necessary

 

Our Commitment To Inclusion & Belonging:

Airbnb is committed to working with the broadest talent pool possible. We believe diverse ideas foster innovation and engagement, and allow us to attract creatively-led people, and to develop the best products, services and solutions. All qualified individuals are encouraged to apply.