IT Risk Manager
This is where you will work
The role is within the Data, Security and Technology team of the Compliance department. This department is responsible, among other things, for ensuring that Security/Technology risk is managed within risk appetite.
Our client is seeking a dedicated and experienced IT Risk Specialist to join a dynamic team and play a pivotal role in ensuring that operational activities align with the risk appetite and compliance standards.
Additionally, you will be responsible for providing second-line oversight and guidance to ensure that operational activities are conducted in accordance with our established risk appetite and compliance frameworks. Your role will encompass conducting audits, validating risk assessments, and collaborating closely with the IT department to implement necessary actions and improvements. You will be a critical link between our business operations and risk management functions, contributing to the overall success of our risk mitigation efforts.
This is the position
- Coordinate the Security and Technology programs and initiatives in cooperation with internal/external stakeholders
- Provide strategic Security and Technology guidance to IT operations and infrastructure as their collaboration partner
- Oversee and advise projects with Security and Technology relevance
- Point of contact for definition of policies and procedures with Information Security relevance in close cooperation with the Group
- Develop and maintain security-related KPIs
- Design and execute regular training and awareness campaigns
- Continuous risk assessment of the bank's local information domain
- Provide support and advice to departments regarding operational Security and Technology
- Design and issue regular and ad hoc Security reporting to the Management Board as well as other internal and external stakeholders
- Conduct continuous risk management of security risks, including control execution and test activities
- Contribute to change initiatives, supporting projects and functional departments with ad hoc advice on activities such as Service Management, User Access Management, End-User Computing, High-Risk Data Transfer and Business Impact Assessments
- Ongoing assessment of legal and regulatory changes around Security and Technology and adaptation of local processes and policies to these
- Assess existing as well as new vendors from Security and Technology perspective
This is you
- A recognised university degree, preferably in an IT related discipline (Master level)
- Profound knowledge of common Information Security and IT standards (e.g. ISO, BAIT, MaRisk, IT-SiG, NIST, ITIL)
- Several years of professional experience within IT/Information Security
- Background in banking preferred
- Very good analytical and problem-solving skills
- Strong planning and organisation skills
- Very good written and verbal communication skills
- Business acumen and interpersonal skills to build relationships with professionals at all organisational levels
- Fluency in English. German or Dutch is a plus
This is what you can expect
- An annual salary package (tailored to your personal knowledge & experience)
- An attractive pension scheme
- Flexible working; you can schedule your work hours to meet your personal needs
- Hybrid working; you can work from anywhere, even work from another country within the EU
- Travel allowance or public transport card
- Good catering in the canteen