IT Security Risk Manager
For our top client in Eindhoven, one of the biggest technical companies in the Netherlands, we are looking for an IT Security Risk Manager. The IT division supports information management, infrastructure, and the automation and optimization of key business processes across the company. The ICT infrastructure, hardware and applications are absolutely mission-critical for almost all of our client's internal and external activities. A sub-department within the IT organization is the IT Competence Center Corporate. This competence center is responsible for innovation projects and changes in the IT systems supporting our corporate support organizations like Finance and HR. The Identity and Access Management expertise is part of this competence center.
The team works according to the Scrum methodology. The company's IT department is currently in an Agile Transformation, in which SAFe (Scaled Agile Framework 5.0) will be implemented. This role will be responsible for managing and reporting on information security risks. This will include the Information Security and Safeguarding of Assets, as part of our Risk Universe items. In addition, this role will manage and report on the cross-sector Security risk register.
Maintain and develop our client's company-wide Information Security Risk Management means and methods
Perform information security risk assessments and propose mitigating controls
Drive risk mitigation based on agreed controls
Maintain our client's Security Risk Register and Cross-Sector Security Risk Register
Perform and support risk reporting including tracking KRIs
Align with our client's sectors and their security risk registers
Manage the Exception process including reporting on a regular basis
Keep up with relevant international legislation, best practices, emerging threats, policies and benchmarks
Drive the GRC tooling implementation
Be the lead for the following focus groups:
Information Security Risk Management
Strategic focus group development
Means and methods development
Competence and knowledge management
What do we expect from you?
Bachelor's or Master's degree in a technical area
Minimum of 6 years of relevant experience in information security risk management
A strong background in IT or proven relevant experience in the IT security domain
Proven experience with the ISO27001/ISO31000 risk management framework
Information security risk management qualifications like CRISC, CISSP, CISA or CISM
Knowledgeable about global privacy regulations
What can you expect from us?
To be discussed.
Benefits of applying via Trinamics
- A choice of more than 500 technical vacancies.
- You benefit from our large network of companies.
- Once you are working, we stay in touch with you.
- Always a personal consultant for all your questions.