(Senior) IT Governance Risk Compliance Officer

Amsterdam Permanent
  • Dynamic insurance company
  • Role based ideally in Amsterdam, Milano or Zurich

About Our Client

Our client, a subsidiary of a well-known insurance, is seeking to extend its team with an experienced IT Governance Risk Compliance Officer.You will be working in a small team of 3-4 person as a first line of defence reporting to the Head of IT-GRCS and occasionally to the CIO/CTO.Your GRC activities extend cross the IT Department that includes >50 FTE cross infrastructure, applications and demand management. Our client manages the integration/operation of packaged applications and select few in-house developed applications on Microsoft platforms.Due to business operations in Switzerland and 5 EU countries, our client deals with multiple Insurance industry and general regulations.

Job Description

  • Prepare or review IT risk analyses and track their remediation or risk acceptance
  • Review IT Control execution, results, and the need for corrective actions
    During the initial 2 years there will be considerable emphasis on IT Controls and achieving a SOC-2 (ISAE 3402) certification for IT
  • Co-design changes in the IT Control Set to optimize effectiveness, efficiency and fulfil new regulatory requirements
  • Respond as a single point of contact to IT enquiries from internal and external auditors, regulators and clients
  • Review our current compliance with new or existing regulations, syndicate deficiency findings, and report on required mitigations
  • Prepare Risk reporting for the IT Risk Board as well as to the Risk management body

The Successful Applicant

  • General IT Experience 5-10 years,
    IT Governance Risk Compliance experience: 3-5 years,
    experience in a regulated industry: 3-5 years
  • Academic or Polytechnic education >= Bachelors level
  • Understanding of IT architectural & technological aspects to
    ask the right questions, recognize the risks, or identify substantial incompleteness
  • Industry certification in audit and risk management related roles e.g. from ISACA will be considered an advantage
  • Experience in the implementation of industry Standard IT Control sets such as NIST 800-, ISO-2700x or CSA
  • Excellent command of the English language both verbally and in-writing
    Command of the German language will be considered an advantage
  • Location preferences: 1st in Amsterdam or Milano, 2nd preference in Zurich
  • Candidates need to commit to a flexibility of corporate- and home-office work with a minimum recommended attendance in corporate offices of 1 to 2 days per week.

What's on Offer

  • Attractive conditions
  • International environnment
  • Opportunity to work with the latest microsoft technology
  • Role based either in Amsterdam, Milano or Zurich
  • Home office
Anthony Adam
Quote job ref

Job summary

Contract type
Consultant name
Anthony Adam
Job reference