Senior IT Risk Control Analyst

• Help create and execute the annual Risk and Control Self-Assessment year plan
• Facilitate risk assessments & workshops for Processes, Applications, Technologies, and Programs & Projects
• Help identify, assess, and document risks and corresponding mitigation plans or acceptances
• Challenge and advise the business on risk and controls being able to find right risk reward / cost benefit level
• Build and maintain relationships in an international environment with both technical as well as business-
oriented people
• Train stakeholders / promote awareness on risk management through our training & awareness program
• Contribute to simplification and optimization of our risk management processes, policies, and control
framework
• Create risk profiles and risk reporting and present reports to internal customers and risk & security
stakeholders
• Participate in Risk Governance process to provide updates on risks, mitigations, and input on other technical
risk.
• Support and participate in internal / external and regulatory audits / policy attestations
• Support the preparation, distribution, and maintenance of plans, instructions, guidance, and standard
operating procedures.

Elvárások:

Risk Management
• Five + years of risk management experience and knowledge
• Being able to facilitate risk assessments, explain risk lifecycle to stakeholders
• Being able to challenge stakeholders, get to the core of issues and risks

• Excellent communication skills in writing and communicating in clear concise manner, ability to document
risks and controls
• Building strong relationships within various departments and across three lines of defense, and work in a
multi-cultural and international environment
• Experience with Governance, Risk and Compliance (GRC) tooling such as ServiceNow IRM

Technology & Security
- Solid understanding of technology and or IT General Controls. The ideal candidate has knowledge of one or
more of the following domains: ITIL processes, networking, infrastructure, mainframe, database management
systems, datacenter design, AWS / Azure cloud, IT Architecture, office365, IT security.
- Curiosity for new technology and ability to understand the role that it plays for our business and end users
- Ability to break down technology and apply cybersecurity and privacy principles to organizational requirements
(relevant to confidentiality, integrity, availability, authentication, non-repudiation)

Preferred
- Preferred Risk Governance qualification: CRISC, CGEIT, COBIT, COSO (one or more, or willingness to learn)
- Preferred IT / Security qualifications: CISSP, RE, CISM, CISA, ITIL, ISO27000 (one or more, or willingness to learn
in short time)

Egyéb információ az állásról:

With key markets in the Netherlands, the UK, and the US, as well as growth markets in China, Brazil, and Iberia, our international partner supports one of the largest financial services groups, by offering IT, finance, risk, model validation, actuarial, audit, and asset management services with the purpose of helping their customers to live their best lives.   

A diverse workforce and an inclusive culture are fostered by our partner. They value diversity as a whole, including but not limited to, racial, gender, and ability diversity as well as diversity in language, culture, beliefs, age, origin, background, perspectives, and experiences.