RoleThis role is focusing on the control framework management, covering all key IT and security domains including Asset Management, Operations Management, Backup and Restore, Identity & Access Management, Vulnerability Management, Security Monitoring and Incident Management, Platform, Network and Application Security amongst others.The Euroclearcontrol framework is based on the IT COBIT, ISO 27001/2 and CIS industry standards and is being implemented in the ServiceNow GRC platform.
You will take an active role both in the controls definition and implementation (change) and controlmanagement as it gradually moves to live operation for continuous monitoring/evidencing and continuous improvement (run).You will contribute to design, co-create and roll out effective controls addressing key risks and regulatory requirements across all IT and security domains, advising and challenging control owners.
By promoting and implementing controls you will help to improve the risk culture and control maturity in IT.
You will work closely with process owners, control owners and performers across IT divisions and locations, as well as liaise with second and third lines of defence (RiskManagement and Internal Audit).You have a strong risk mind-set, are a good relationship builder and want to play a critical role in the IT and Security Risk transformation and change roadmap.
Proficient (oral and written) communication as well as influencing are part of your main skills.Qualifications, professional skills and experience University Master’s degree or equivalent experience (education in computer science, engineering or cybersecurity is a plus) 7+ years field experience in the risk and control environment, preferably in controls design/implementation area in large/enterprise multi-platform-based IT environments Good knowledge of the key principles of the Information Security Management Systems and various Technology Domains Certifications in security such as CISSP, CISM, GIAC is a key advantage A good understanding and experience with ServiceNow GRC or equivalent solution is a strong asset.
Fluent knowledge of English (verbal, writing, presentation).
Soft skills You have a strong risk and control mind-set; you are thorough and strive for high quality in your work.
You have good communication skills, whether on the field, in the team or with management:
you are a keen team player and coordinate work amongst people from different areas or divisions.
A good relationship builder with diplomacy skills You are a highly motivated self-starter and you can work proactively in an environment with challenging priorities You have the ability to challenge and influence other IT and Security experts.
You obtain approval of others with good arguments, appropriate influencing methods and personal assertiveness (persuasion), constructively challenging and negotiating at levels up to upper management.
You are able to act as SME in the field and share experience with other Team members.
