We are looking for a Senior Information Risk Manager to safeguard the client's organization from IT, Information Security, and Cyber risks.

The Information Risk Manager will be responsible for risk management of information and IT security. This includes implementing and maintaining the information security control framework (based on NIST FS), performing testing activities to ensure the effectiveness of the control framework, and conducting risk assessments. The role also involves challenging the client's IT on their risk posture and maturity of risk-mitigating actions to facilitate continuous improvement of control activities. Additionally, the Information Risk Manager will report on IT and Information Security status to management and other stakeholders, such as internal and external auditors and regulators.

You will:

• In a global team of Information Risk Managers, take care of security plans, risk analyses, risk opinions on incidents and changes, control testing, risk tooling, training, and evaluation.
• Initiate and manage information security and awareness programs.
• Work closely with the I&ORM teams situated in Amsterdam, London, Chicago, Sydney, Singapore, and Tokyo.

Responsibilities

• Implementing and maintaining the information security control framework (based on NIST FS).
• Performing testing activities to ensure the effectiveness of the control framework.
• Performing risk assessments.
• Challenging the client's IT on their risk posture and maturity of risk-mitigating actions to facilitate continuous improvement of the control activities.
• Reporting in IT and Information Security status to management and other stakeholders like internal and external auditors and regulators.

Who are you?

• 5 - 8 years of experience, including experience in the financial sector.
• Certification of Information Security Management (eg, CISM, CISSP, CISA), RE title and/or IT management related degree at a bachelor's/master's level.
• Knowledge of Information Security standards and regulations (NIST FS, ISO 27001/2, ISF Standards of Good Practice, GDPR).
• Knowledge of process design & process management.
• Knowledge of Business and IT architecture.
• Affinity with relevant laws and regulations.

Profile

You are a risk specialist with extensive information security experience and strong soft skills. You have a strong vision, are proactive in taking initiatives. You are risk aware and have a good talent in stakeholder management, without being shy in showing backbone. You are a team player in a multicultural environment (English is used for communication).

Job-specific competencies:

• Vision
• Risk awareness
• Continuous improvement
• Autonomy
• Providing feedback
• Coaching
• Show backbone

About Levy Professionals:

Since 2000, we provide professional solutions to organizations ranging from tech start-ups to global players. From our offices in Amsterdam and London, we have built an international and local network of skilled employed professionals and contractors fuelled by our passion for connecting skills with projects. Over the years, we have fulfilled over 1700 requirements and nowadays we consistently have 250+ professionals recruited and relocated from countries allocated to various projects. Our strength is the way that we see and treat people. This will always be a key factor in our strategy for many years to come.