Senior Information Risk Management
Group Risk Management is looking for a Senior Information Risk Management Officer who supports the NN organization in managing information security risks. Candidates must have significant knowledge of IRM methods and techniques and Cybercrime developments and who shows leadership in identification and development of new IT Security initiatives, policies and processes to mitigate (new) threats.
You are responsible, amongst others, for:
- Facilitating and monitoring the design and operational effectivness of IT controls and processes;
- Challenge the first line in implementing a secured architecture aligned with the business goals and future plans;
- Tracking progress status around remediation activities to clsoe gaps from policy compliance assessments and various other risk assessments;
- Performing expert based risk assessments (and facilitate risk & control self assessments) on the CIO department;
- Analysing IT incidents reported by staff and report lessons learned to the CIO management;
- Develop, plan and coordinate the execution of security awareness training in creating a strong risk aware culture within NN;
- Developing, maintaining and advising upon the NN Group IT policies and Minimum Standards.
Meet your team
NN is a large organization. If you start working with our team, you will work for Group Operational Risk Management (GORM). GORM has 17 enthousiastic and experienced colleagues working on group ORM oversight and performing 2nd line activities for Corporate Staff Departments including CIO. Your colleagues are experienced in Operational Risk, Information Risk, Data Quality and Insurable Risk. The team has already six Information Risk Managers and we are looking for new colleague.
- University degree in Information Technology, Security or Audit, or equivalent;
- At least 3- 5 years of professional experience in the IT Risk Management, IT Security or IT Audit;
- Multiple industry recognized certifications like CISSP, CRISC, CSSP (Cloud), CPT is a big plus;
- Experience in Agile/Scrum methodology is a big plus;
- Passion and knowledge for IT and IT Security and modern cloud technologies;
- Strong analytical and quantitative skills;
- Excellent and natural communicator; excellent written and verbal communication skills (English and Dutch), able to construct and explain a comprehensive, logical argument;
- Results oriented, precise, attention to detail and self-starter;
- Thorough knowledge of IT governance and control frameworks;
- Understanding of complex IT environments including (legacy, hybrid cloud, virtualization, software defined networking);
- As Senior Information Risk Manager your personal qualities will play a decisive role.
We offer you
Naturally our appreciation for our colleagues are reflected in our conditions of employment, which, for the most part, can be adapted to your own personal wishes. We offer you:
- A work environment that is characterized by an professional atmosphere, collegiality and open communication;
- Plenty of opportunities to develop yourself; craftsmanship and development are our top priority;
- The opportunity to work with professional and expert colleagues who have a tremendous drive to do good, in the interest of the client, the company and our business partners;
- Modern compensations & benefits with room for your own choices;
- The job is for 36 working hours a week and the location is Den Haag;
- A position in job grade 11/12 with a salary, depending on knowledge and experience (Risk management level 4).
More information about our employee benefits can be found here.
How to apply
Are you the one we are looking for? Then apply directly by clicking the button below this vacancy.
Please apply online via the link to ensure a smooth procedure. Note that applications via e-mail will not be considered.
More information about our application process can be found here.