Risk- and Compliance manager

As a Risk- and Compliance Manager, you are responsible for ensuring that Group IT delivers its products and services to its customers in various business units and countries while staying within the set risk appetite.

What you are going to do

As a Risk- and Compliance Manager, your primary task is to ensure that both management and employees of Group IT are aware of operational risks and understand the importance of good risk management practices. You have a deep understanding of risk management principles and know how to communicate them effectively to stakeholders. By leveraging your expertise, you inspire the organization to adopt a risk-aware culture, and work collaboratively to elevate the level of risk management across the enterprise. Ultimately, your role is critical in enhancing the organization's ability to identify and mitigate risks, and to ensure the continued success of Group IT's operations.

Your responsibilities

You are responsible for ensuring that Group IT's platforms effectively and efficiently manage to identify, analyse, and manage IT/Ops risks within their respective domains. As a Risk and Compliance Manager, you play a crucial role in ensuring that Group IT operates within its defined risk appetite and complies with legal and regulatory requirements.

Your responsibilities include:

• Acting as the risk and compliance advisor for Product Managers and the management team, providing guidance on risk and compliance management strategies and practices
• Coordinating the testing of IT General Controls and advising management on the most suitable measures to limit or avoid IT risks
• Monitoring the risk appetite of Group IT and reporting on IT risks to senior management.
• Guiding teams through the risk assessment process, control design and monitoring, issue and incident management
• Translating NN Group requirements into pragmatic stepping stones for teams to use
• Being responsible for risk and compliance reports such as the quarterly Effective Control Framework, IT-Risk Report, the yearly in-control statement and compliance reports
• Reporting incidents related to Group IT to the regulator in the context of DORA
• Monitoring IT compliance by identifying risks in systems and processes
• Acting as the linking pin between the first line and second line, ensuring a smooth way of working
• Working together with the NN Business Units to ensure alignment on expectations
• Identifying ways to improve Group IT's risk and compliance management processes
• Ensuring risk and compliance awareness increases in all teams
• Providing training and workshops to employees on information security, IT risks, and compliance topics, contributing to a safer work environment and creating awareness among colleagues

What we offer you
NN invests in an inclusive, inspiring work environment and in skills and competences for the future. We match this with employee benefits that are in line with what is needed today and in the future. This way, we offer our employees the opportunity to get the best out of themselves. We offer you:

• Salary between €6,219 and €8,885 (based on a work week of 40 hours) depending on your knowledge and experience 13th month and holiday allowance are paid with your monthly salary
• 27 vacation days for a 5-day working week and one Diversity Day
• A modern pension administered by BeFrank
• Plenty of training and learning opportunities
• NS Business Card 2nd class, which gives you unlimited travel, also privately. Do you prefer to travel with your own transport? Then you can declare the kilometres travelled
• Allowances for setting up your home office and for internet use

Who you are

You thrive under change and uncertainty. Building something new is therefore right up your alley. You think along, make yourself heard and do not shy away from a challenge. You feel a natural urge to manage risks, so you are completely at home here. You take others with you in your enthusiasm and eagerness; That makes you an ideal team player. You also have:

• A bachelor's or master's degree in IT, Economics or Business Administration
• Experience in setting up and improving risk management processes for a minimum of 5 years
• Knowledge of Infrastructure developments, like Private and Public cloud
• Experience in engaging with stakeholders

Who you will work with

The team you will be working with, is responsible for the framework and monitoring of

Risk & Compliance within Group IT. You will have a lot of daily contact with Product Management and their employees of the various departments within Group IT and IT departments, including Business Security Officers, and Operational Risk Management (ORM).

Any questions?

If you have any questions about the job, you can reach out via phone or WhatsApp to Paul Eckhardt (Manager Monitoring & Reporting) at +31 6 29 01 38 05. Any questions about the process can be directed to Hester van Pelt, (senior talent acquisition specialist) at +31 6 51 33 59 17.