IT Risk Manager Medior / Senior
Utrecht, 36 hours per week
In this job your scope is on IT Risk Management. You will establish IT Risk Management in the Systems or Infrastructure departments as part of the Self Organising Risk team that consists of a.o. Security and Business Continuity Risk Specialists. Besides that you will be part of IT Risk Theme teams that improve and professionalize the IT Risk Management practices and tools.
In addition you analyse, report, explain on IT Risk levels in and outside the risk threshold. You will lead IT Risk Management, Risk governance and the implementation for specific departments. The IT Risk Manager advices on the set up of the IT Risk Management practices and framework.
As IT Risk Manager you will report to the Team Manager IT Risk Management.
IT Risk Management & Compliance is responsible for IT Risk management within the COO-domain and is part of Risk, Reporting & Security. IT Risk Management & Compliance is decentral organised in self-organising Risk teams within the IT Systems and IT Infra departments and the Service Center Internal Control. These Risk teams consist of Risk specialist from IT Risk M&C, IT Security, Business Continuity and IAM department within RRS. The SC Internal Control performs and reports upon the internal controls on the IT processes and IT assets of the IT Systems and IT Infrastructure.
IT Risk Management is of growing importance since the IT departments needs to be in control over the IT Risk and have the obligation to demonstrate that the IT processes and IT assets comply with the international rules and regulations.
IT Risk Management is developing and implementing practices to uniformly perform and report on the integrated risk profiles and control status.
Within COO-domain, IT Risk Management and Compliance is part of the department Reporting, Risk & Security (RRS). Besides IT Risk Management and Compliance, RRS consists of Global Security Office, Program Office, Reporting Services, Facilities and Communication and Global BCM.
IT Risk Management translates requirements to pragmatic policies, procedures and measures. Next to that they advice IT Management and other internal stakeholders concerning managing and mitigating IT Risks.
• Master education level
• Native Dutch and fluent in English, both verbally and in writing
• 3-5 years’ experience IT Risk and Quality Management, performing and organising IT Risk assessments
• Sound knowledge of IT Controls incl ITGCs SOx control testing
• Ability to translate local and global regulations (a.o. ECB, DNB, MAS, FSA) in adequate IT Risk Management measures and reports
• Knowledge and expertise in IT and IT Risk frameworks: COBIT, Risk IT, CMMi, ITIL, ASL
• Providing guidance to management for the implementation of quality requirements and functioning as a sparring partner and proactively giving advice
Vision on effective implementation and expansion of IT Risk Management
Besides the Rabobank core competencies of Customer focus and Collaboration, the following competencies are required for this position: