A professional specialized in identifying, assessing, and mitigating risks associated with information technology systems and infrastructure. Based in Amsterdam, you will join the IT Control & Service Management team. Your mission is to help manage and reduce the organization's information risks through continuous management and reporting related to the IT Risk & Control (R&C) Framework.

• Risk Mitigation: Continuous management and reporting of the IT R&C Framework to significantly reduce organizational risk.

• Process Improvement: Resolution of specific OSI findings, including the enhancement of the Risk Self-Assessment (RSA) process.

• Compliance & Audit: Successful completion of Internal and External IT audit evidence requests and ensuring alignment with global regulations.

• Framework Evolution: Designing and implementing robust 1LoD risk-related processes.
  
  

As an IT Risk SME, you are responsible for fulfilling a 1/2LoD QA Control role and improving the client's IT R&C Framework and processes.

You will:

• Act as a domain expert for IT audit evidence requests and action items.

• Collaborate closely with IT Risk SMEs globally (NL, AP, and US regions), 2LoD Risk Management, and external suppliers.

• Manage, maintain, and monitor the IT R&C Framework on a continuous basis.
  
  

• Contribute to solving IT Risk-related OSI findings, specifically focusing on framework and RSA process improvements.

• Prepare, coordinate, and execute 1LoD workshops and document supporting evidence.

• Execute various risk assessments, analyze data, and present results/conclusions to senior management.

• Research deviations and advise on risk-mitigating actions and the development of new standards.

• Provide 1LoD IT Risk guidance across all aspects of the IT landscape, including Client and Third-Party questionnaires.

• Educate employees on IT Risk management best practices and review/revise IT procedures.
  
  

• Education: Bachelor's or Master's degree (or equivalent degree/experience).

• Track Record: Minimum of 5 to 7 years of IT Risk experience, working with both internal and external IT Risk & Control and Audit teams.

• Mandatory Certification: Must hold at least one of the following: CISM, CISA, CISSP, CRISC, or CGEIT.

• Preferred Certification: Cloud Audit Academy (AWS), Cybersecurity Practical Applications, Certificate of Cloud Auditing (ISACA), or CIA (IIA).
  
  

• Technical Knowledge: Deep understanding of NIST, COBIT, and ITIL frameworks (NIST experience is highly preferred).

• Industry Expertise: Familiarity with IT best practices within the financial services industry.

• Soft Skills: Taking the lead without waiting for direction - coupled with excellent oral and written communication skills.

• Stakeholder Management: Ability to effectively communicate with all levels of the organization, including senior management.

• Tools: Familiarity with Atlassian products (Jira, Confluence), AGRC, and/or ServiceNow is considered a plus.
  
  

Since 2000 we provide professional solutions to organizations ranging from tech start-ups to global players. From our offices in Amsterdam and London we have built an international and local network of skilled employed professionals and contractors fuelled by our passion for connecting skills with projects. Over the years we have fulfilled over 1700 requirements and nowadays we consistently have 250+ professionals recruited and relocated from 14 countries allocated to various projects. Our strength is the way that we see and treat people. This will always be a key factor in our strategy for many years to come.