IT Risk and Compliance Integrator (IAM)Amsterdam
For our client in Amsterdam we are looking for an IT Risk and Compliance Integrator (IAM)
The department is a modern and vibrant place for every integrator or analyst with an IT Risk mindset to work in. We have 40+ software delivery teams, software development is fully shifted-left, based on a modern tech stack where Java code is deployed with Azure DevOps, towards our OpenShift powered cloud.
We took agile to the next level and we ship software frequently. We are an internationally operating department: we serve customers in Netherlands and Belgium with our products and journey, and we have remotely spread teams across multiple sites. The stage for your work couldn’t be bigger than this!
Our IT Risk /compliance stack:
We take risk and compliance seriously and implemented a ‘3-lines of Defense model’. Our software delivery teams are seen as the 1st line of defense, they are facilitated by a small team (2FTE) of IT Risk specialists. They are facilitating squads to comply to the guidelines and evidence requirements set.
Enabling is done by designing risk journeys but also by hands-on sessions with the teams. This results in alignment on the provided evidence with 2nd line Risk department, and limited findings during audits (3rd line of defense).
The role of IT Risk and Compliance Integrator includes the following aspects:
For our Risk team we are looking for an integrator to bring IT Risk evidence to the next level, and challenge the auditing departments on the required deliverables.
Also, the role includes (automated) creation and delivery of the IT Risk evidence for the feature teams.
In a team of 3-4 risk professionals you will create, improve or redesign IT Risk journeys of various IT applications, according to many risk themes such as identity & access management, cyber resilience, or testing strategy.
The type of person we are looking for:
• You have an interest in IT Risk related subjects and compliance in a complex IT environment
• Wherever possible you strive to automate required risk evidence and improve the risk journey for the feature teams
• Focused on working together, enabling others within the tribe to be successful
• Full of energy and hands-on
The skillset you need to have:
• Track record in working in software development environments.
• Experience and thorough understanding of IT risk topics like Identity and Access Management.
• Experience with working in multidisciplinary teams and in an agile way of working is a pre.
• Have a clear vision on how provide compliant evidence to various auditing colleagues.
• Stakeholder management: Being able to clearly communicate and challenge senior IT managers and IT Risk and compliance partners
• Being Certified in CISSP, CISM or CISA is a pre.
• Fluent English speaking and writing
Hybrid working mode (1x weekly on site in Amsterdam)
Long term assignment (max 2 yrs)