Freelance Cyber Security Implementation Consultant (ZZP)
Vanderlande is investing heavily in developing its internal control disciplines; not only to comply with rules and regulations, but also to further improve and harden our customer solutions. One of these disciplines is cyber security.<br/><br/>You are responsible for embedding and implementing the Vanderlande Information Risk Management Framework (IRM Framework). It means driving and monitoring the process of Domain (Cyber) Risk Analyses, Process walkthroughs & risk assessments, defining key-controls and training control owners.<br/><br/>The IRM Framework, that is based on ISO27k, has been established and contains the structure of control objectives to mitigate the (main) cyber risks.<br/><br/>Using a phased- and risk-based approach we are addressing the main priorities and implementing these control objectives in the business/first line.<br/><br/>This approach & methodology is heavily linked to the current Enterprise Risk Management initiative. This aims to implement a harmonized approach to identifying and managing risks within the organization.
You will be part of the Corporate Strategy and Transformation (CST) team of Vanderlande, reporting to the Program Manager of the Cyber Program.<br/><br/>In this role, you have the following responsibilities:<br/><br/>Support the Governance & Frameworks stream within the Cyber Transformation program;<br/><br/>Perform process walkthroughs and operational risk assessments within the Vanderlande Business Domains;<br/><br/>Assess key (cyber) risks as well as identify and define mitigating key controls at process level;<br/><br/>Drive and facilitate the implementation and embedding of controls towards the control executors in the first line.<br/><br/>Train and implement control executors to execute (periodically) and proper document key controls<br/><br/>Assist on shaping and delivering communications and change efforts aimed to make the implementation and embedding of the IRM framework a success,<br/><br/>Track, report completion of deliverables, signal and anticipate on risk and impediments.<br/><br/>To succeed in this role, you should have the following skills and experience (To be mentioned in motivation letter):<br/><br/>Strong track record in Information Risk Management and Process Controls in large-scale organizations.<br/><br/>Experience of ERM methodologies and Risk Frameworks.<br/><br/>Experience in understanding IRM frameworks and translating these towards concrete controls / measures appropriate to the nature of business operations.<br/><br/>Self-starting and pragmatic, with a proven ability to be an independent contributor, ambassador, pioneer and sparring partner.<br/><br/>Structured, organized and stress resilient personality able to quickly understand the issues and find appropriate countermeasures.<br/><br/>Flexible and adaptable; able to work in ambiguous situations.<br/><br/>Exceptional communication skills, both written and verbal and excellent active listening skills and also able to convince decision makers to act accordingly.<br/><br/>A team player and able to work effectively at all levels in an organization.<br/><br/>An excellent command of the English language (both verbal and written). Dutch or other languages would be advantageous.<br/><br/>University degree (Masters degree) preferably in Information Technology, (IT) Audit, Control<br/><br/>
We schrijven zelden, maar alleen de beste inhoud.