We’re AD/01, the tech studio that builds the future of food retail. Whether it’s in-store aisles, online baskets, or behind-the-scenes operations, we innovate the daily food experiences for farmers and families, grandmas and greengrocers, and pickers and packers alike.

We’re part of the Ahold Delhaize network, one of the world’s largest global food retail groups and a leader in both supermarkets and e-commerce. With 19 strong local brands in Europe, the United States, and Indonesia, we create a meaningful difference for our customers, our people, and the world around us. And we’re looking for the freshest minds excited to create the recipe for change.

Your new role and environment.

As a Cyber Risk & Assurance Officer you will be the key component in supporting the group’s cybersecurity risk and assurance program using their skills to implement adequate and innovative security risk management processes and tooling to achieve satisfactory and mature cyber risk and assurance capabilities within Ahold Delhaize and its Brands.

You will support the execution of the cyber risk management framework and security assurance process initiatives across the organization. This position will assist in conduct of risk assessment, risk analysis, registration and reporting requirements by ensuring a culture of risk mindset across the organisation . Initiatives this associate will support include support conduct of scenario based risk assessments, ensuring that risks are registered, reported and monitored consistently. You will also support the security assurance program by monitoring & testing of security controls.

You will report to the Head of Cyber risk and security assurance within the Cybersecurity Governance, Risk and Compliance team in the Group Cybersecurity Office.

The primary purpose of this position is to work with the Cyber Security GRC Risk & Assurance team to ensure that the groups’ needs are met. Support the delivery of the program for the Cyber risk and security assurance team on Group level by leading or supporting relevant initiatives of the security program and portfolio.

Key responsibilities of your role.

• Carry out periodic cyber risk assessments within the Cyber security risk management framework
• Periodically monitor the threat landscape and vulnerabilities working closely with the relevant teams within the Group Cyber Security Office
• Ensure that risks are identified and registered appropriately through various source
• ingestions
• Streamline the security risk exception and acceptance process linked to the risk register
• Act as a brand ambassador to bring risk-based mindset across the organization by organizing training and awareness
• Collaborate closely within the GCSO, IT and business teams in implementation of the framework
• Develop related metrics and dashboards to provide an overview of cyber risks
• Work closely with risk owners to monitor risks and ensure that risks are managed within the appetite
• Support the cyber insurance process
• Identify opportunities for embedding risk elements within the GCSO teams
• Periodically test security controls to provide assurance and support maturity assessments, review of assurance reports such as ISO, SOC2/ISAE to provide security assurance
• Conduct third party risk assessments and ensure risks are identified and managed as well as reported
• Work with Legal, privacy teams to ensure security requirements are embedded in third party contracts

What’s in it for you?

We ask a lot. (We’re looking for the best, after all). But we offer a lot, too.

So, what do we have in store for you? We offer flexible hours and a hybrid working model, allowing you to work both from home and at the office. We provide competitive benefits to support health, well-being and your professional growth. This includes: a significant budget on benefit platform and a yearly bonus. At AD01 we welcome everyone, just the way you are, and encourage individual growth with valuable opportunities and a worldwide across-brand network.

Requirements.

• Bachelor’s degree or equivalent technical training in Information Technology, Information Systems Security, Cyber security, or related field
• 3+ years of experience in cyber security risk process
• Knowledge of cyber security threats and best practices
• Knowledge of industry authoritative sources such as NIST, COBIT, GDPR, PCI and ISO standards
• Solid communication and presentation skills
• Strong results orientation to achieve goals
• Familiarity with the retail industry
• Familiarity with GRC platforms, security-related legal and regulatory requirements
• Ability to act independently with minimal supervision
• Excellent command of the English language, both written and spoken

Apply now

If you’re excited to help us grow, then please apply now. If you feel like you might not tick all the boxes but have the skills and personality we’re looking for, then please also apply now!

Got questions? Don’t be shy. Madalina Pungaru at [email protected], has answers.

For us, diversity means being inclusive of thoughts and skills, generational differences, LGBTQ+, gender, race and ethnicity, disabilities, nationalities and more. We accept everyone for who they are.