As an IT Risk & Control Specialist, you will play a crucial role in strengthening our IT risk management framework and internal control processes related to information technology. Your primary responsibility is to identify, assess, and drive mitigation of potential IT risks in our systems and processes. You will collaborate closely with various stakeholders, including IT, to promote IT risk awareness and implement effective strategies, reporting to the Global Head Risk & Control.
- Develop, refine, and implement the IT internal control framework under the guidance of the Global Head Risk & Control.
- Maintain a centralized repository of key IT controls and monitor their quality to ensure adherence to IT risk management and internal control standards.
- Collaborate with relevant stakeholders to ensure timely and effective implementation of IT control recommendations and enhancements.
- Identify and drive opportunities for IT control enhancement through automation and continuous control monitoring.
- Provide expert advice to the organization on the remediation of IT control issues, offering proactive solutions to mitigate IT risks.
- Organize regular awareness sessions on the IT internal control framework (ITCG) to enhance understanding and adoption across the organization.
- Drive the change management process within the organization, including training (together with L&D), CAB board ownership, leading CAB board meetings, and change management governance.
- Assist in preparing comprehensive reports on IT risk and control matters for (senior) management and stakeholders, highlighting key insights and recommendations.
- Contribute to the development, maintenance, and testing of the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) for IT systems.
- Provide support in designing, implementing, and maintaining user access controls for IT systems, ensuring alignment with security policies and compliance requirements.
- Support the design and maintenance of role matrices for IT systems to ensure appropriate access levels and segregation of duties.
- Bachelor's or Master's degree in Information Technology, Computer Science, Cybersecurity, Finance, Auditing, Business Administration or a related field.
- Prior experience within the IT or IT Audit domain.
- Solid analytical skills with the ability to assess IT risks and propose effective solutions.
- Excellent communication and interpersonal skills, with fluency in English.
- Proactive mindset with a keen eye for detail and the ability to challenge the status quo.
- Upholds the highest ethical standards in all aspects of work.
- Experience in the hospitality industry is advantageous.
- Knowledge of IT frameworks such as COBIT, ITIL, ISO 27001 is a plus, and industry certifications such as CISA, CRISC, ISO 31000 Risk Manager etc. would be beneficial.
- citizenM experience nights for you (and friends and family)
- Discounted nights at Marriott hotels
- Personal and professional development opportunities and programs
- Latest tech devices and all the tools you need to be successful in your role
- Commuting travel costs covered (by car or public transport)
- Pension and cycle-to-work scheme
- Subsidized fresh daily lunches at our support office
- Flexible public holidays
- Employee assistance program
- Varied team days and social events (from food trucks and quizzes at the office to parties on boats)
Location / hours
The role is based in Leiden. Our support office is a 5-minute walk from Leiden Central Station. Hybrid working is possible, with 100 days per year in the office. Fully remote work is not possible. 32 or 40 hours per week.
Please note that we are only able to consider applicants with the right to work in the Netherlands. We won't be able to sponsor visas for this role.