IT Risk Officer (Freelance, preferably Dutch speaking)

Benefits

Additional Information

Group CISO is looking for a first line IT security risk officer, who is able to play a key role in strengthening how the organisation understands, reports, evidences, and improves its IT and cyber risk position. The role is responsible for coordinating and improving key risk and assurance reporting activities, including Group Technology Risk Reporting. internal and external cybersecurity audits, the Group IT In Control Statement, quarterly reporting across the Cyber Risk Domains, and the further development towards a more SOC 2-based assurance reporting model for all departments in the Group IT organization. You operate close to the (Business Unit) Security Officers, senior management, second line risk functions (IRM/ORM), internal audit (CAS), external auditors, and other stakeholders across NN Group. Your focus is to translate complex IT and cyber risk information into clear, reliable, traceable, and actionable reporting. This is a freelance assignment for 36 hours per week until 31-12-2026. What you are going to do This role is to help NN Group IT demonstrate that it is effectively managing IT and cyber risks from a first line perspective. This includes improving the quality of risk reporting, defining and maintain key risk indicators, ensuring timely collection and validation of evidence, supporting audit readiness, and providing senior management with clear insight into risk posture, control status, and required actions. This role helps ensure that IT and cyber risk reporting is clear, consistent, timely, traceable, and decision-ready. It supports management accountability by bringing together risk data, audit evidence, control status, and cyber risk domain reporting into a coherent assurance view. Risk reporting and assurance Coordinate and prepare Risk management reporting for NN Group IT Support the creation and ongoing improvement of the Group IT In Control Statement Prepare and coordinate quarterly reporting on the Cyber Risk Domains within NN Group IT Drive the yearly strategic risk assessments for Group IT Translate risk, control, and assurance information into clear management reporting Improve the quality, consistency, traceability, and reliability of IT and cyber risk data Support the transition towards a more SOC 2-based assurance reporting approach, including reporting structure, evidence collection, control mapping, and stakeholder alignment Cybersecurity audits Coordinate and support internal and external cybersecurity audits Work with control owners, Security Officers, IT teams, and management to collect, structure, and validate audit evidence Track audit requests, findings, actions, deadlines, dependencies, and follow-up activities Ensure that audit and assurance activities are properly planned, documented, and delivered on time Challenge incomplete, unclear, or inconsistent evidence before it enters the formal audit or assurance process Stakeholder alignment Work closely with (BU) Security Officers, senior management, second line risk, internal audit, and external auditors Proactively reach out to stakeholders to collect input, clarify expectations, and resolve gaps Help senior management understand the current cyber risk position, key themes, emerging issues, and required actions Build strong working relationships across teams to keep risk reporting timely, accurate, and useful Act as a linking pin between technical IT and security teams and risk, governance, and assurance stakeholders Planning, coordination, and improvement Maintain clear planning for recurring reporting cycles, audits, evidence requests, and management deliverables Monitor deadlines and follow up proactively on open actions and dependencies Improve reporting templates, dashboards, data flows, and documentation standards Identify opportunities to simplify, automate, or improve risk reporting processes Use data reporting tools to create better insight into risk trends, control performance Explore opportunities to use AI-enabled tooling for analysis, reporting, summarization, data quality improvement, and reporting efficiency What we offer you Our people are the driving force behind our organisation. We value the knowledge and expertise you bring. We believe that your temporary commitment can take our organization to a higher level. We offer you: Competitive hourly rate depending on your knowledge and experience An assignment until 31-12-2026 Hybrid way of working, partly from home and partly from the office in the Hague (at least 2 days a week. Office days are flexible) International working environment with loads of knowledge sharing

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at nngroup? Share your experience