In an increasingly complex digital world, there is a need for transparency and accountability. As an experienced IT Risk & Compliance Officer, you are committed to ensuring a robust and secure IT infrastructure within the organization.
The role
The success of the organization is influenced by many different internal and external factors. For example, changes to strategy or complying with amended or new laws and regulations. It is very important for the organization to be able to respond to changing market conditions, so that growth opportunities are utilized and risks minimized. Building resilience through risk management and internal control is therefore essential.
Governance
- Formulate, maintain and test policies as part of the information security policy framework, such as Incident Response and Data Security Policy.
- Ensure quality and common applicability of the policies as well as alignment across Faber Group.
- Implement and maintain robust security measures to ensure the integrity, confidentiality, and availability of data.
Risk
- Identify and implement appropriate risk management frameworks such as NIST and ISO 27001.
- Conduct internal and external audits to assess the effectiveness of IT controls, identify vulnerabilities, and develop effective risk management strategies.
Compliance
- Stay up-to-date on the latest developments in IT risk and compliance and ensure proper communication to internal stakeholders.
- Ensure internal and external compliance and develop compliance programs enabling the organization to meet internal and external regulations.
- Foster a culture of continuous improvement within the organization.
As an IT Risk & Compliance Officer, you strive to lay a solid foundation for a secure and compliance-focused IT environment, and you are determined to support organizations in navigating the complex world of IT risk and regulation. In your role you work closely with other IT and security professionals within the organization.
Your background includes extensive experience in risk management, regulatory compliance, and information security. With an in-depth understanding of the current threat landscapes, compliance standards, and best practices in the IT industry, you'll be able to take a proactive approach to identifying and minimizing risk.
Education
- Bachelor's/Master's degree in IT, Information Security or a related field.
- Certifications such as CIPM, CISM, or similar are a plus.
Knowledge & Experience
- Experience in conducting internal and external audits to assess the effectiveness of IT controls. Proficiency in developing and implementing improvement plans.
- Thorough knowledge of relevant laws and regulations, such as GDPR, NIS and local privacy laws.
- Experience implementing risk management frameworks such as NIST and ISO 27001.
- Experience with security audits and incident response.
- Strong communication skills to communicate effectively with both technical and non-technical stakeholders. Able to collaborate with different teams to achieve common goals.
Language
- Proficiency in Dutch (MUST) and English
- Proficiency in German is a plus
You will be employed by YER and seconded to Faber Group.
- Attractive salary and secondary conditions (50-70K, depending on level of experience)
- Intercultural working atmosphere and family-like culture that values entrepreneurship
- Flat organizational structure where colleagues motivate each other and tackle problems together
- Festivities and events with (international) colleagues
- Flexible opportunities to support work-life balance
- Exceptional performance will not remain unnoticed and unrewarded
- Support for your continuous development through learning and training opportunities, including the YER Talent Development Programme with a personal coach
- Excellent guidance from your consultant and YER's back office
- Community/network with other professionals from a variety of multinationals
- Events and master classes with interesting speakers and attractive company
The salary is €50000 - €70000