Quick Summary
Roll out a unified control framework across all Qonto teams, defining minimum standards for control objectives, owners, procedures, evidence
Build the Risk & Control Self Assessment methodology with business teams and maintain a first-line risk cartography aligned with the broader risk framework.
Responsibilities
~1 min read- →Design the Level 1 control plan: Roll out a unified control framework across all Qonto teams, defining minimum standards for control objectives, owners, procedures, evidence requirements, and remediation logic.
- →Own the RCSA-based risk cartography: Build the Risk & Control Self Assessment methodology with business teams and maintain a first-line risk cartography aligned with the broader risk framework.
- →Define and deploy the Level 1 Target Operating Model: Formalize roles, processes, escalation routes, and first-line/second-line interactions, then drive adoption across the organization.
- →Produce governance reporting: Consolidate Level 1 control execution data (completion rates, failed controls, remediation status) and present to the Risk Committee and relevant governance bodies.
- →Keep LoD1 and LoD2 genuinely separate: Act as the first-line counterpart of Internal Control, ensuring first-line teams own their framework independently.
- Permanent control or operational risk background: 3-5 years experience in permanent control, internal control, or operational risk in a regulated banking environment and understand what strong first-line ownership looks like.
- Sound knowledge of French banking regulation: You're familiar with the Arrêté du 3 novembre 2014 (Art. 12, 100/102), EBA internal governance guidelines (EBA/GL/2021/05), and the Three Lines of Defence model.
- Hands-on RCSA and risk cartography experience: You've designed or maintained RCSA methodologies, risk taxonomies, and risk cartographies.
- Getting teams on board: You know how to get business teams to change their practices through clear standards, governance visibility, and well-structured escalation paths.
- AI-ready: You use AI tools to accelerate analysis and automate reporting loops, and you're excited to bring that mindset to how you build processes.
- Real structural impact: This role exists to give the first line genuine ownership of its control framework, and you'll own the build from design through to rollout.
- High governance visibility: Your output feeds directly into the Risk Committee and regulatory-level reporting.
- Build before you maintain: The TOM, RCSA methodology, and harmonized control plan don't exist yet; you're designing them, not inheriting a legacy.
- Scope that grows with you: As the framework embeds, the role evolves from project delivery into owning the recurring annual cycle.
You'll report to Maxime, our Operational Risk Manager at Qonto. Maxime built his risk expertise across regulated banking and asset management — from Operational Risk Analyst at ODDO BHF to Risk Officer at Ardian, before joining Qonto in 2025. He holds a Master's from ESCP Europe and an AMF certification, and brings a structured, framework-oriented approach alongside a solid understanding of what genuine first-line control ownership looks like in a regulated environment.
If you receive a suspicious message claiming to be from Qonto, please report it right away (support@qonto.com)
Location & Eligibility
Listing Details
- Posted
- July 10, 2026
- First seen
- July 10, 2026
- Last seen
- July 10, 2026
Posting Health
- Days active
- 0
- Repost count
- 0
- Trust Level
- 70%
- Scored at
- July 10, 2026
Signal breakdown
Please let Qonto know you found this job on Jobera.
3 other jobs at Qonto
View all →Explore open roles at Qonto.
Browse Similar Jobs
Stay ahead of the market
Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.
No spam. Unsubscribe at any time.
