Randstad Digital - It And Cyber Control & Compliance Officer.

The Governance, Risk and Compliance (GRC) team supports IT and Business Units to define, implement and maintain an IT and Information Security Management System, with the ultimate objective to enable sound and formal risk decision making by management.

GRC Norms &
Control team is very active the development and implementation of IT and Cyber controls in order to mitigate ICT risks, demonstrate compliance internally or toward the regulator.

To support these activities, the Governance, Risk and Compliance team is looking for an IT and Cyber Control &
Compliance Officer.

The Subject Matter Expert has an in-depth understanding in/ knowledge of ICT Controls.
That expertise necessarily implies the ability to perform any related tasks at a master level in the specific SME role .
Develop, Implement and Maintain ICT Controls (with a particular focus on ICT Security/ Change/ Continuity/ Data Integrity/ Externalization)

Responsabilities

As an IT and Cyber Control &
Compliance Officer you will carry on the activities listed below:
Ensure the deployment of Group ICT Controls;
Analysis, Identification and design of additional Local controls (e.G. PCI DSS);
Coordinate andmonitor the execution of ICT Group or Local controls;
Assure the quality (completeness and adequacy) of the provided evidence;
Test the effectiveness of controls (sample of exhaustive) and provide an advice on the improvement of existing ICT controls;
Report to management, to stakeholders (including the Internal Audit) the results of first-line ICT controls;
Follow-up the status of remediation actions related to these controls;
Contribute to creating/ updates processes and procedures
Language requirements:
Dutch:
Good speaking and writing (optional)
French:
Fluent speaking and writing (mandatory)
English:
Fluent speaking and writing (mandatory)
Your profile
5 years experience in IT and Security processes (e.G. Change mngt, IT lifecycle assets mngt, Incident mngt Risk mngt....).
Knowledge of IT/ Security procedures and standards.
Experience in Metrics definition and dashboarding.
Good knowledge of Excel (pivot tables, formulas) and Word, PPT.
Knowledge of SharePoint (as a user).
Experience in designing and implementing (deployment) ICT process controls.
Skills in coordination of / collaboration with different teams and external resources.
Experienced with regulatory requirements, ISO/IEC standards (e.G.:
27001 Information Security Management Standard...), laws and regulations (Chaps, CIS).
Knowledge of NIST control framework (implementing NIST controls), PCI Standard (implementation PCI DSS controls).
Knowledge of GRC Tools such as RSA Archer;
SNOW.
Project Management/coordination skills.
Knowledge of Agile Methodology.
Ability to understand end-to-end ICT process flows and control needs.
Ability to explain to business the importance of ICT needs/ controls.
Experience in Reports and Memo drafting, and reports ad presentations addressed to senior management.