Description
- Information Risk Management
  - Setting up and maintaining an Information Risk Management framework, based on ISF IRAM.
  - Defining, organizing and applying "information risk analysis", "information risk treatment" and "information risk monitoring" processes, policies and standards.
  - Defining and managing the approval and evaluation processes of these new processes and standards.
  - Incorporating information risk management processes into the existing business and IT processes.
  - Executing, practically and pragmatically formulating, monitoring and adjusting information risk analysis for new projects and existing situations.
  - Setting up, reporting on and maintaining an information risk registry.
- IT Risk Management
  - Maintaining an IT risk management framework, based on ISF IRAM.
  - Applying information risk analysis, information risk treatment and information risk monitoring processes, policies and standards.
  - Executing, practically and pragmatically formulating, monitoring and adjusting information risk analysis for new projects and existing situations.
  - Maintaining an information risk registry.
  - Unambiguous reporting of risks as well as follow-up of mitigating actions towards the business owners.
In both of these domains, you will work closely with the IT PMO to align with existing IT processes, with IT project managers and operational managers to identify or mitigate risks, with Data Protection Officers to guard privacy, with IT Compliance Officers, with the Cybersecurity team, and with IT Service Continuity Officers to align on risks and BIAs.
Education/Experience
- Bachelor's in Computer Science, Information Systems or related field; or you have equivalent work experience.
- Minimum of 3 to 10 years of work experience in risk management and/or information security.