Lead IT security and Risk (Business Analyst)

Data Foundation Tech – Lead IT security and Risk (Business Analyst)

Imagine stepping into their Data Foundation Tech department as the Lead IT Security and Risk. From day one, you're at the heart of their mission - safeguarding the bank and its customers against cyber threats keeping their IT in control, and playing a key role in realizing their ambition to be a rock-solid bank.
You'll support their security champions, fostering a culture of vigilance and resilience. You will support the tribe on various Security & Risk programs and initiatives, such as IT Way of Working, Life Cycle Management, In Control, IT4IT, and the Security Change Portfolio (SCP). Together with the Domain Manager and IT Leads, you will create and implement standards and policies.

It is their responsibility to deliver quality and support on continuity. You will have a steering role together with the Tech Leads in meeting the Security & Risk deliverables. You will do this by participating in the In Control Board and supporting the Squads with the implementation.

You will have to ensure that the entire tribe is complying with the IT Security Roadmap (with topics such as Security Management, Vulnerability Management, and Life Cycle Management. Next to this, you support IT Service Manager matters and compliance (Cloud/Azure, Archer, ITQ, and Audits).
With their expertise, you'll turn challenges into victories, navigating the ever-evolving landscape of IT risks and cyber threats.
But their impact doesn't stop there. You'll also be a trusted advisor, helping their management team and business stakeholders align IT strategies with business objectives. Their role is pivotal, their influence is tangible.
By taking ownership of these topics, you are making a difference by helping us improve their cyber defense and cyber security resilience, reduce risks, and be fully in control of their daily operations. You play a key role in realizing their IT strategy, their ambition to be a rock-solid bank, and with this their overall mission: growing a better world together.
This is more than a job - it's a calling. It's their chance to make a real difference in the dynamic world of the technology department. Are you ready to rise to the challenge? Apply today, and let's embark on this journey together.

One of the biggest assets of the bank is the data of its clients. To keep this data and the bank secure, the team needs to have an intrinsic and strong drive to continuously improve the security of their systems, tools, processes, and behavior.

Collaboration lies at the core of their Data Foundation Tech chapter, which oversees all IT development and operations within the Data Foundation Tribe. The tribe specializes in developing, implementing, maintaining, and delivering trusted data for consumers of Risk and Finance products and services, applying industry strength controls and leveraging best-in-class technology and while doing this they want to remain in control at all times.

Practical Examples
• Perform regular risk assessments and audits on their IT systems and processes, identify vulnerabilities, and propose mitigation strategies.
• Organize regular meet-ups, training sessions, and events for their security champions and Tech Leads, and provide them with the resources they need to perform their roles effectively.
• Advise the management team of Data Foundation Tech by providing comprehensive reports, discussing the current IT risk landscape, advising them on potential threats, and contributing to strategic decision-making.

Top 5 responsibilities
• IT Risk Management: Hands-on management of all IT risks in the organization, ensuring that all potential threats are identified, assessed, and mitigated in a timely and effective manner.
• Create awareness, and share knowledge and information: Help others with the right information (reporting), and contact details and help them to understand the impact, the need, and the expectations and help them grow and improve (continuously) in the Security field. You are capable of building bridges between various parts of the organization and know how to find their way to other teams independently. You are ambitious and continuously strive for improvement and growth. You are eager to learn and proactively share your knowledge with other colleagues.
• Represent the Tribe as Lead Security and Risk: in various meetings with counterparts from other Tribes and take the lead in organizing/engaging and empowering their own Security Champions.
• Community Development: Nurture and grow the community of security champions within the organization, fostering a proactive culture of risk awareness and IT security.
• Stakeholder Management: Collaborate with stakeholders in the Data Foundation Tribe and Tech domain, to understand their needs and risks, and provide them with guidance that is in line with standards and policies.

Knowledge and skills
• Education: A degree in IT, Computer Science, Cybersecurity, or a related field. Certifications such as CISSP, CISM, or CRISC are a plus.
• Experience: Previous experience in IT risk management, cybersecurity, or a related role. Experience in working in complex and corporate environments with a flexible and agile mindset and experience in the Agile Way of Working. Experience in the banking sector is highly preferred.
• Technical Skills: A self-starting and inventive attitude. Excellent complex problem-solving skills. Proficiency in IT risk management tooling and methodologies. Knowledge of banking IT systems, cybersecurity best practices, data privacy regulations, Cloud Technology (AZ-900), and Agile methodologies on team and organizational levels. Affinity with Information & Technology (Azure, Power BI, and ITSM) and affinity/experience with Security, Risk Management, and Compliance
• Communication Skills: Excellent communication skills both verbal and written in English and Dutch and interpersonal skills, with the ability to explain complex IT risks to a broad spectrum of stakeholders from non-technical to very technical, like developers.
• Leadership Skills: Strong leadership and team management skills, organizational skills & sensitivity, and coordination experience, with the ability to foster a sense of community and drive a security-focused culture. Excellent stakeholder management and collaboration.
• Strategic Thinking: Ability to understand the big picture, strong analytical skills, make strategic decisions, and provide valuable advice to the management team.