IT Risk Manager
IT Risk Manager
Who we are:
DEGIRO revolutionizes the way people invest; thanks to efficient technology, investors can trade with incredibly low fees. DEGIRO is a pan-European stock broker originally established in Amsterdam in 2008. Currently DEGIRO offers services to more than 320,000 clients across 18 countries in Europe.
DEGIRO is able to provide all investors with transparent institutional rates thanks to its innovative technology and cost-focused approach. We offer fees which are on average 80% lower than our competitors, while providing access to global stock exchanges, real time prices and super fast execution through our website and app. By reducing the barriers to entry and making it affordable to trade, DEGIRO makes global investing possible for everyone.
We’re increasing in business scale and organizational size at a blisteringly fast rate, and we now have a local presence in 3 cities: Amsterdam, Sofia, and Hong Kong.
Description of the role:
The IT Risk Manager makes sure that DEGIRO and its users are protected to the maximum extent possible against IT Risks and security threats that could jeopardize their integrity, privacy, reputation and business outcomes. Monitoring if IT risks are mitigated at a sufficient level, by identifying and reporting with regards to IT risk management.
The role entails the following activities:
-Managing and continuously improving the IT risk and control framework (e.g. periodic ‘brainstorm’ with the stakeholders’), with a significant focus on IT security and information risk.
-Monitoring the adherence of the IT department to the security risk and control framework, improving the maturity level of the organization. Monitoring IT & security events and follow-up on security-related incidents.
-Conducting Risk Analysis by performing security test & reviews, ensuring DEGIRO’s system, policy, process and procedure controls are continuously strengthened.
-Testing and reporting on operational effectiveness of IT control measures and KPIs,
-Supporting IT process owners with identification and measurement of KPIs and KRI’s.
-Improving IT risk awareness.
-Escorting external IT audits.
-Master degree in a relevant profession;
-Over 10 years of relevant working experience, e.g. in IT/Security risk-related roles in a changing environment;
-Professional English working proficiency.
-Thorough knowledge of IT Risk & Control Management, with specific experience in both internal and external IT security-related projects;
-Knowledge of current laws and regulations, such as AVG and WBNI;
-Familiar with ISO 27001;
-CISPP certificate is a pre.
-Relevant certification and education;
-A challenging fulltime job in an international and fast growing company;
-Competitive salary and the opportunity to earn a bonus.
Interested? For questions and/or expressing your interest, please contact Joep Corstiaensen. Email: firstname.lastname@example.org or mobile: +31 6 180 806 45