IT Risk and Compliance Officer

Unit and department
The Security, Risk, and Compliance (SRC) department within TenneT’s Business Technology Organization (BTO) is a critical function that ensures the secure, compliant, and resilient operation of TenneT’s IT systems and processes. As a trusted partner to the organization, SRC plays a pivotal role in safeguarding TenneT’s information assets, mitigating risks, and ensuring compliance with applicable regulations, standards, and internal policies. As part of the Business Technology Organization, the SRC department ensures that TenneT’s IT systems and processes are not only efficient but also resilient and compliant in a dynamic regulatory environment. By enabling proactive risk management and compliance adherence, SRC supports TenneT’s mission to deliver reliable and secure energy transmission services across its regions of operation.

Tasks and responsibilities
– Serve as a trusted advisor for IT teams, providing guidance on risk management, audit, and compliance while collaborating with other Risk and Compliance Officers across departments.
– Execute and manage the risk management process within the unit, maintaining the risk register in line with the organization’s methodology.
– Support first-line operational teams in applying audit methodologies, designing IT controls, and implementing mitigation measures, while monitoring progress with action owners.
– Coordinate and review control self-assessments to ensure effective and consistent execution across teams.
– Enhance IT risk awareness by promoting initiatives and providing targeted guidance.
– Conduct independent quality monitoring checks to evaluate the effectiveness of implemented processes and controls.
– Oversee compliance with laws, regulations, standards, and audit recommendations within the unit.
You will be driving the strategic standardization and centralization of IT risk management practices across all TenneT departments, fostering synergy and ensuring a unified approach where all units prioritize IT risk management and compliance with the same level of importance as BTO. Ideal candidates will have experience in a similar position within a Big 4 consultancy firm or other reputable consultancy/advisory organizations, bringing strong expertise in advising on IT risk management, compliance, and process standardization. By the end of the assignment, the strategic risk management plan will be updated, ensuring that all risks and compliance measures are current. Additionally, the compliance overview will be enhanced, and valuable insights and vulnerabilities will be identified and delivered to strengthen the organization’s risk management framework.

Good to know
– The role is hybrid. 1 x fixed office day, currently Thursday but that might change. Flexibility is expected.
– There will be 2 interviews: 1 x online and 1 x onsite.
– Team: 6 members, international, diverse, with a flat hierarchy.
– The candidate is expected to use their own laptop for this role.
– At entry, TenneT performs a Pre-Employment Screening.

Additional information
– Suppliers must be aware of the laws and regulations regarding employment conditions and Tennet’s Collective Labour Agreement. This assignment is placed in scale 9.
– We would like to receive the personal motivation of the candidate and CV in English or Dutch.

Screening
– Pre-employment screening: If the candidate is selected to start, a pre-employment screening will be executed. We will send you the required documents to be filled in and returned as soon as possible. Your candidate is only allowed to start after the pre-employment screening has been completed successfully.
– All submitted candidates must be in possession of a valid Passport or ID card, which must be taken along to the interview and at the start of the assignment.

Availability
– Important, the candidate has to be available throughout the entire duration of the assignment.
– By submitting a candidate, you are agreeing to the terms of this specific client. If you are not familiar with these terms, you can ask our recruiters for a copy.

Eisen

• Sterke expertise en praktische ervaring in risicomanagement (minimaal 5 jaar in een vergelijkbare rol), met een bewezen vermogen om risico’s effectief te identificeren, te beoordelen en te mitigeren.
• Sterke vaardigheid in procesmanagement en compliance binnen het IT-domein, waarbij wordt gezorgd voor afstemming met organisatiedoelen en wettelijke vereisten.
• Vermogen om zelfstandig te werken en effectief te communiceren met diverse belanghebbenden, waarbij snel kernproblemen worden geïdentificeerd en aangepakt.
• Gedegen kennis van raamwerken zoals ITIL 4, COBIT 2019, ISO 31000, GDPR, ISO 27001 en NIST.
• Bewezen ervaring in IT General Controls en IT/Informatiebeveiligingsrisicomanagement.
• Relevante certificeringen zoals CRISC, CISA of CISM zijn een pluspunt.
• HBO/WO-niveau opleiding of operationeel niveau, bij voorkeur met een afgeronde opleiding in Informatietechnologie, Informatiebeveiliging, Algemene Beveiliging of Bedrijfskunde. Dit is een pré.
• Uitstekende sociale en communicatieve vaardigheden, met het vermogen om een intern en extern netwerk op te bouwen en te onderhouden.
• Aangetoonde vaardigheid om trends, ontwikkelingen en kansen in de markt te identificeren en deze om te zetten in bruikbare inzichten voor TenneT.
• Hoge vaardigheid in het Engels, Nederlands is niet verplicht.
• De kandidaat wordt verwacht hun eigen laptop te gebruiken voor deze rol.
• Bij aanvang voert TenneT een Pre-Employment Screening uit.
• Alle ingediende kandidaten moeten in het bezit zijn van een geldig paspoort of identiteitskaart, die moet worden meegenomen naar het interview en bij de start van de opdracht.
• Belangrijk, de kandidaat moet gedurende de gehele duur van de opdracht beschikbaar zijn.

Wensen

• Proactive
• Great communicator
• Open minded and flexible
• Ambitious and driven
• Involved and motivated