Do you have deep knowledge of information security and cyber risk-related topics and are you able to share this knowledge effectively to less experienced colleagues as well? Are you an entrepreneurial self-starter and enjoy constructive sparring with teammates? Can you switch from strategic and conceptual thinking to operational and hands-on activities?
My client is currently looking for a second senior IT Risk Manager to be part of their Risk Management team, focusing on IT risk, cyber risk and data risk. As part of the separate and independent Risk Management function, you will have a separate and independent function in order to facilitate the creation and maintenance of a robust organization.
You will be responsible for the design and implementation of second-line IT risk management within a scale-up company. By doing so, you will have a unique opportunity to really put your ideas in the field of IT risk management into practice and make your mark in the organization.
- Proactively identify potential problems before they occur so that risk-handling activities can be planned and invoked with regard to credit risks and market risks.
- Help the organization setting the right priorities with regard to IT risks by challenging and advising first-line departments.
- Help relevant stakeholders to get a clear view on the level of being in control through the set-up and execution of a monitoring and reporting cycle.
- Increase & improve the IT risk awareness within the organization; motivate and make the organization aware of risk management;
- Remain well informed of new developments in the area of IT risk management.
- Manage and continuously improve the IT risk and control framework with a significant focus on IT security and information risk.
- Monitor IT & security events and follow-up on security-related incidents.
- Conduct Risk Analyses by performing security test & reviews, ensuring my client system, policy, process and procedure controls are continuously strengthened.
- Support IT process owners with identification and measurement of KPIs and KRI’s.
- Escort external IT audits.
- Master degree.
- Over 8 years of relevant working experience, e.g. in IT/Security risk-related roles in a changing environment.
- Professional English working proficiency.
- Thorough knowledge of IT Risk & Control Management, with specific experience in both internal and external IT security-related projects.
- Knowledge of current laws and regulations, such as GDPR and MIFID II.
- Familiar with ISO 27001, COBIT and COSO.
- CISPP certificate is a pre.
- Being able to switch from strategic and conceptual thinking to performing operational and hands-on activities.
- Flexible, yet able to keep your back straight at important moments.
- Able to apply a clear and to-the-point communication style, both orally and in writing.
- Organizational sensitive.
- Intrinsically motivated to function with a high degree of integrity and responsibility.
- A challenging full-time job in an international and fast-growing company.
- A competitive salary.
- Relevant certification and education.
- A lot of freedom executing your role and a chance to shape your own career.
- The opportunity to participate in a new, enthusiastic team of likeminded professionals.
Are you interested in joining our client? We look forward to receiving your resume and motivation letter. For more information about the role, you can contact Patricia Koekenbier @ firstname.lastname@example.org or 0630400141