Our mission and customers: We are creating the freedom for SMEs to succeed by delivering Europe's leading finance workspace with banking at its core, augmented by financial tools. We are proud to be rated 4.8 on Trustpilot, based on 55,000+ reviews. Our culture puts customer satisfaction at the core of what we do, as proven by our Net Promoter Score of 75 (more about our culture here).
Our journey: Founded in 2017 by Alexandre and Steve, Qonto has grown to 1,600+ Qontoers serving over 600,000+ customers across 8 European countries. We have been profitable since 2023, and we are just getting started.
Our beliefs: We hire for skills and potential. With 80+ nationalities, 45% women, of which 56% of women in our leadership team, diversity isn't a program; It's who we are. We've built a discrimination-free hiring process because the best teams are built on merit.
AI at Qonto: AI is deeply embedded in how we work (here) - Every Qontoer gets unlimited access to the best AI tools. We want people who experiment without waiting for permission, push AI beyond the obvious, know when to trust it, and when to question it.
------------------------------------------------------------------------------------------------------
Our mission and customers: We are creating the freedom for SMEs to succeed by delivering Europe's leading finance workspace with banking at its core, augmented by financial tools. We are proud to be rated 4.8 on Trustpilot, based on 55,000+ reviews. Our culture puts customer satisfaction at the core of what we do, as proven by our Net Promoter Score of 75 (more about our culture here).
Our journey: Founded in 2017 by Alexandre and Steve, Qonto has grown to 1,600+ Qontoers serving over 600,000+ customers across 8 European countries. We have been profitable since 2023, and we are just getting started.
Our beliefs: We hire for skills and potential. With 80+ nationalities, 45% women, of which 56% of women in our leadership team, diversity isn't a program; It's who we are. We've built a discrimination-free hiring process because the best teams are built on merit.
AI at Qonto: AI is deeply embedded in how we work (here) - Every Qontoer gets unlimited access to the best AI tools. We want people who experiment without waiting for permission, push AI beyond the obvious, know when to trust it, and when to question it.
------------------------------------------------------------------------------------------------------
Join us as Level 1 Permanent Control Coordinator to take on a structural challenge: making Qonto's first line of defence genuinely own its control framework. You'll build the Level 1 Target Operating Model from scratch, run the Risk & Control Self-Assessment (RCSA) cycle, and produce the risk cartography and governance reporting that keeps regulators and leadership aligned, under the guidance of Maxime, our Operational Risk Manager.
➡️ What you'll do
- Design the Level 1 control plan: Roll out a unified control framework across all Qonto teams, defining minimum standards for control objectives, owners, procedures, evidence requirements, and remediation logic.
- Own the RCSA-based risk cartography: Build the Risk & Control Self Assessment methodology with business teams and maintain a first-line risk cartography aligned with the broader risk framework.
- Define and deploy the Level 1 Target Operating Model: Formalize roles, processes, escalation routes, and first-line/second-line interactions, then drive adoption across the organization.
- Produce governance reporting: Consolidate Level 1 control execution data (completion rates, failed controls, remediation status) and present to the Risk Committee and relevant governance bodies.
- Keep LoD1 and LoD2 genuinely separate: Act as the first-line counterpart of Internal Control, ensuring first-line teams own their framework independently.
➡️ What we're looking for
- Permanent control or operational risk background: 3-5 years experience in permanent control, internal control, or operational risk in a regulated banking environment and understand what strong first-line ownership looks like.
- Sound knowledge of French banking regulation: You're familiar with the Arrêté du 3 novembre 2014 (Art. 12, 100/102), EBA internal governance guidelines (EBA/GL/2021/05), and the Three Lines of Defence model.
- Hands-on RCSA and risk cartography experience: You've designed or maintained RCSA methodologies, risk taxonomies, and risk cartographies.
- Getting teams on board: You know how to get business teams to change their practices through clear standards, governance visibility, and well-structured escalation paths.
- AI-ready: You use AI tools to accelerate analysis and automate reporting loops, and you're excited to bring that mindset to how you build processes.
➡️ What we can offer you
- Real structural impact: This role exists to give the first line genuine ownership of its control framework, and you'll own the build from design through to rollout.
- High governance visibility: Your output feeds directly into the Risk Committee and regulatory-level reporting.
- Build before you maintain: The TOM, RCSA methodology, and harmonized control plan don't exist yet; you're designing them, not inheriting a legacy.
- Scope that grows with you: As the framework embeds, the role evolves from project delivery into owning the recurring annual cycle.
➡️ Your future manager
You'll report to Maxime, our Operational Risk Manager at Qonto. Maxime built his risk expertise across regulated banking and asset management — from Operational Risk Analyst at ODDO BHF to Risk Officer at Ardian, before joining Qonto in 2025. He holds a Master's from ESCP Europe and an AMF certification, and brings a structured, framework-oriented approach alongside a solid understanding of what genuine first-line control ownership looks like in a regulated environment.
Join us as Level 1 Permanent Control Coordinator to take on a structural challenge: making Qonto's first line of defence genuinely own its control framework. You'll build the Level 1 Target Operating Model from scratch, run the Risk & Control Self-Assessment (RCSA) cycle, and produce the risk cartography and governance reporting that keeps regulators and leadership aligned, under the guidance of Maxime, our Operational Risk Manager.
➡️ What you'll do
- Design the Level 1 control plan: Roll out a unified control framework across all Qonto teams, defining minimum standards for control objectives, owners, procedures, evidence requirements, and remediation logic.
- Own the RCSA-based risk cartography: Build the Risk & Control Self Assessment methodology with business teams and maintain a first-line risk cartography aligned with the broader risk framework.
- Define and deploy the Level 1 Target Operating Model: Formalize roles, processes, escalation routes, and first-line/second-line interactions, then drive adoption across the organization.
- Produce governance reporting: Consolidate Level 1 control execution data (completion rates, failed controls, remediation status) and present to the Risk Committee and relevant governance bodies.
- Keep LoD1 and LoD2 genuinely separate: Act as the first-line counterpart of Internal Control, ensuring first-line teams own their framework independently.
➡️ What we're looking for
- Permanent control or operational risk background: 3-5 years experience in permanent control, internal control, or operational risk in a regulated banking environment and understand what strong first-line ownership looks like.
- Sound knowledge of French banking regulation: You're familiar with the Arrêté du 3 novembre 2014 (Art. 12, 100/102), EBA internal governance guidelines (EBA/GL/2021/05), and the Three Lines of Defence model.
- Hands-on RCSA and risk cartography experience: You've designed or maintained RCSA methodologies, risk taxonomies, and risk cartographies.
- Getting teams on board: You know how to get business teams to change their practices through clear standards, governance visibility, and well-structured escalation paths.
- AI-ready: You use AI tools to accelerate analysis and automate reporting loops, and you're excited to bring that mindset to how you build processes.
➡️ What we can offer you
- Real structural impact: This role exists to give the first line genuine ownership of its control framework, and you'll own the build from design through to rollout.
- High governance visibility: Your output feeds directly into the Risk Committee and regulatory-level reporting.
- Build before you maintain: The TOM, RCSA methodology, and harmonized control plan don't exist yet; you're designing them, not inheriting a legacy.
- Scope that grows with you: As the framework embeds, the role evolves from project delivery into owning the recurring annual cycle.
➡️ Your future manager
You'll report to Maxime, our Operational Risk Manager at Qonto. Maxime built his risk expertise across regulated banking and asset management — from Operational Risk Analyst at ODDO BHF to Risk Officer at Ardian, before joining Qonto in 2025. He holds a Master's from ESCP Europe and an AMF certification, and brings a structured, framework-oriented approach alongside a solid understanding of what genuine first-line control ownership looks like in a regulated environment.
At Qonto, we understand that true diversity isn’t just about ticking boxes on a hiring checklist. Apply regardless of the boxes you tick — who knows? You may have the missing piece of the puzzle we’ve been searching for all along. By applying, you agree that Qonto processes your personal data to assess your application. Your data is kept for up to 2 years in our candidate pool. Read our Privacy Notice for full details. ------------------------------------------------------------------------------------------------------ On average, our hiring process lasts 20 working days. More information on our candidate journey here ------------------------------------------------------------------------------------------------------🔒 Your security matters to us
Recruitment scams are on the rise. Keep in mind, we will never work with third-party platforms or agencies that request payment from candidates.If you receive a suspicious message claiming to be from Qonto, please report it right away (support@qonto.com)