IT Risk SME

A proactive and highly analytical IT Risk SME to join our client's IT Control team in Amsterdam. In this role, you will serve as a domain expert guiding internal and external IT audits, ensuring the timely completion of evidence requests, and driving risk mitigation across a global IT landscape.

This is a key 1LoD Control role where you will actively improve IT Audit processes and the IT Risk & Control (R&C) Framework.

You will:

• Provide 1LoD IT Audit guidance within the IT Control & Service Management team across all aspects of the global IT landscape.
• Organize, control, and monitor progress on follow-ups for audit assessments and questionnaires.
• Document IT Audit and questionnaire handling processes to ensure business continuity.
• Maintain, monitor, and continuously improve the IT R&C Framework.
• Prepare, coordinate, execute, and document 1LoD workshops and supporting evidence to resolve OSI findings.
• Liaise between the IT Center of Excellence, IT teams across regions (NL, US, AP), suppliers, and 2LoD Risk Management.
• Execute risk assessments, analyze compliance data, and present results and mitigating strategies to senior management.
• Additional activities: You will be responsible for educating global employees on IT Risk management best practices, reviewing/revising IT procedures, and aligning multi-regional stakeholders on standardized risk initiatives.

Do you have experience in ServiceNow?, Do you have a Master's degree?, * 7+ years of professional experience working in a complex IT, Risk, or Compliance environment.

• Minimum of 5 years of dedicated IT Risk experience, collaborating closely with both internal and external IT Risk & Control/Audit teams.
• Proven experience working within a regulated, financial, or highly structured IT industry.
• Hands-on knowledge of the Audit Lifecycle and frameworks like ITIL, COBIT, and NIST (NIST experience is highly preferred)., * Education: Bachelor's or Master's degree (or equivalent professional level) in IT, Information Security, or a related field.
• Mandatory Certification (at least one of the following is required):

• CISA (Certified Information Systems Auditor)
• RE (Register EDP-Auditor)
• ISO 27001 Lead Auditor
• CRISC or CGEIT

• Preferred Certifications: CISM or CISSP.
• Soft Skills: A self-starter mindset; you naturally take the lead and stay "in the driver's seat" without waiting for direction.
• Communication: Excellent written and verbal English communication skills, with a proven ability to present and advise senior stakeholders and management.
• Attention to Detail: Exceptional documentation skills.
• Tools (Preferred): Familiarity with Atlassian products (Jira, Confluence), AGRC, and/or ServiceNow.

Since 2000 we provide professional solutions to organizations ranging from tech start-ups to global players. From our offices in Amsterdam and London we have built an international and local network of skilled employed professionals and contractors fuelled by our passion for connecting skills with projects. Over the years we have fulfilled over 1700 requirements and nowadays we consistently have 250+ professionals recruited and relocated from 14 countries allocated to various projects. Our strength is the way that we see and treat people. This will always be a key factor in our strategy for many years to come.