Non Financial Risk Officer (Sox/Soc), Amsterdam
For our client in Amsterdam we are looking for a Non Financial Risk Officer (Sox/Soc).
Your role & work environment:
Total Facility Management (TFM) is a specific form of outsourcing, whereby all operational Real Estate (RE) and Facility Services (FS) processes and associated management activities are outsourced.
Implementation of TFM constitutes a transformational change aimed at reducing costs by increasing efficiency (economies of scale), simplifying by increasing standardisation, improving cost visibility/transparency and streamlining the ING organization, whilst maintaining or improving service levels.
Implementation of TFM is in line with the strategy “unite”, as it simplifies and streamlines the FM and RE function, helping us to collaborate better across borders and innovate more.
As Non-Financial Risk Officer you will be working within the Core team which is responsible for successfully implementing and managing the TFM solution and supplier relationship.
As TFM implies a huge transformation, the challenge for the Non-Financial Risk Officer is to make the various Non-Financial risks transparent and ensure that the required mitigating actions are initiated. This is done by creating an inventory of risks by category and by developing and implementing the necessary control systems to comply with the NFR guidelines, coordinating recurrent risk-related activities and providing operational assistance. Appropriate due diligence will need to ensure that the outsourced services are, or will become, in accordance with our (Non-Financial Risk) Standards and Policies.
Your key responsibilities:
The design and implementation of a sound Internal Control Framework for the new TFM organisation at central and local country level (covering the whole process value chain from MSP to Supplier Service Organisations and subcontractors at all our locations). Performing deep-dive gap analyses and risk & control assessments in order to identify any potential gaps between Policies & Standards and Supplier Controls.
Your key tasks include, but are not limited to:
- Steer risk and security awareness within the TFM organisation
- Recognize and articulate problems/risks related to the (implementation of) TFM
- Support the TFM organisation with coordination/documentation/monitoring of risk, compliance and security topics.
- Provide the required Sox 404 statements to the countries twice a year based on Sox Scope Agreements and in cooperation with CBRE.
- Perform fact finding, evidence collection and documentation activities
- Steer, coordinate, organize, challenge and periodically report upon the risks of the program (delivery risk) and on risk assessments on specific risks (security, IRM, compliance, BCM) – (result risk)
- Advise the TFM organisation on design/development of the required solutions, including scoping and fulfilling requirements.
- Lead and guide the efforts of others in specific areas and manage the commitments regarding deliverables.
- Liaise with tier 2 security, risk & compliance functions and with local representatives in these fields
In your role you will primarily report hierarchically to the ‘manager Overarching functions’ and you have a functional line in the Non-Financial Risk department.
- Working experience within the Non-Financial Risk domain
- Pragmatic & sound judgment
- Result and solution driven
- Experience with Sox, Soc1 and Soc2
- Preferably experience with outsourcing
- Able to plan, organise and work independently
- Proactive and takes initiative
- Business and risk minded
- Track record in the field of Information (Technology) Risk Management, possessing in-depth knowledge of IRM, IT and IT Security.
- Able to deal with and advise on complex and difficult matters
- Preferably good knowledge of the bank's structures, products and processes
- Convincing in communication, writing & reporting skills in English.
- A critical, though positive and constructive, mindset.
- Accurate and thorough.