IT Security Risk Manager
For our top client in Eindhoven, one of the biggest technical companies in the Netherlands, we are looking for an IT Security Risk Manager. The IT division supports information management, infrastructure, and the automation and optimization of key business processes across the company. The ICT infrastructure, hardware and applications are absolutely mission-critical for almost all of our client's internal and external activities. A sub-department within the IT organization is the IT Competence Center Corporate. This competence center is responsible for innovation projects and changes in the IT systems supporting our corporate support organizations, such as Finance and HR. The Identity and Access Management expertise is part of this competence center.
The team works according to the Scrum methodology. The company's IT department is currently undergoing an Agile transformation, in which SAFe (Scaled Agile Framework 5.0) will be implemented. This role will be responsible for managing and reporting on information security risks. This will include the Information Security and Safeguarding of Assets, as part of our Risk Universe items. In addition, this role will manage and report on the cross-sector Security risk register.
- Maintain and develop our client-wide Information Security Risk Management means and methods
- Perform information security risk assessments and propose mitigating controls
- Drive risk mitigation based on agreed controls
- Maintain our client's Security risk register and Cross-Sector Security Risk Register
- Perform and support risk reporting including tracking KRIs
- Align with our client's sectors and their security risk registers
- Manage the Exception process including reporting on a regular basis
- Keep up with relevant international legislation, best practices, emerging threats, policies and benchmarks
- Drive the GRC tooling implementation
- Be the lead for the following focus groups
- Information Security Risk Management
- Strategic focus group development
- Means and methods development
- Competence and knowledge management
- Bachelor or Master degree in a technical area
- Minimum of 6 years of relevant experience in information security risk management
- A strong background in IT or proven relevant experience in the IT security domain
- Proven experience with the ISO27001/ISO31000 risk management framework
- Information security risk management qualifications like CRISC, CISSP, CISA or CISM
- Knowledgeable about global privacy regulations
- Travel expense reimbursement
- Pension / pension plan
- Employee events
- Performance bonus
- Referral bonus
- Company car
- Flexible schedule
- Travel expense reimbursement for public transport