Risk and Compliance Officer

Location

Diemen (Amsterdam, NL)

Department

Information Security & Compliance

Date

6 January 2020

 

Wanted: Risk and Compliance Officer excited to shape the future of mobility!

 

Our drive 

We love cities. And we’re doing something to make our cities healthier, cleaner and more liveable. How? By providing parking solutions that are simple, quick and effortless. Today, PARK NOW is the world’s leading provider of on-demand mobile payments for on- and off-street parking. We make life easier for more than 17,000,000 drivers in over 700 cities in Europe.

 

About the role/team

At PARK NOW, we take privacy and data security very seriously. We are committed to protecting and securing all our customer and employee financial and personal data. We are ISO 9001, ISO 27001 and PCI DSS certified. Plus, you will have the commitment and support of our board for all security-related matters.

Our multi-national InfoSec team is looking for a Risk and Compliance Officer. As part of the Information Security & Compliance department, the Risk & Compliance Officer manages the design and implementation of Enterprise Risk Management and Third-Party Risk Assessments. 

You work closely together with Heads of Departments and delegates ensuring compliance with regulatory, organizational and commercial requirements governing the organization’s processes, information technology systems and applications. We are talking about being a risk advisor, leading audits (PCI-DSS, ISO 27001 and ISO 9001) and qualifying assessments and compliance throughout.

You are responsible for establishing, maintaining and improving compliance programs to ensure that information assets and associated technology, applications, systems, infrastructure and processes are adequately protected, and that the organization’s practices remain compliant with all applicable laws and regulations. You also assist in the annual internal audit program and conduct internal audits.

 

Responsibilities:

  • Conduct risk assessments, including documenting controls (KRIs), identifying potential gaps and/or inconsistencies, and making sound recommendations for improvement and/or migration.
  • Communicate risk posture to Risk Owners and Risk Committee on a scheduled basis.
  • Conduct internal audits.
  • Perform gap analyses within Information Security for adherence to controls, policy, procedures, and standards.
  • Follow up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure appropriate remediation measures have been taken.
  • Support the tools and processes involved in Information Security risk assessment, management, and governance.
  • Assist in ensuring that our security and compliance accreditations (PCI DSS, ISO 9001, ISO 27001 and ISAE 3402) are achieved and maintained.
  • Identify the associated compliance control gaps and oversee the documentation, implementation, and testing of the entire compliance control portfolio.
  • Coordinate audit-related tasks, such as ensuring the readiness of managers and their organisations for audit testing and facilitating the timely resolution of any audit findings.

 

Knowledge and Skills:

  • Understanding of information security concepts, protocols, industry best practices, and strategies.
  • Strong analytical skills in order to analyse security requirements and relate them to appropriate security controls.
  • Knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls.
  • Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with all layers of the organisation.
  • Understanding of private and public-sector information security/privacy standards and frameworks (for example: PCI-DSS, ISO 27001, NIST Cybersecurity Framework, CSA CCM).
  • Demonstrate a positive, results-driven team approach.
  • Excellent communication skills, including presentation skills and the ability to articulate ideas clearly and simply at both a technical and a business level.
  • Proactive self-starter, capable of working with minimal supervision.

 

Experience:

  • Minimum of three years of relevant experience.
  • A bachelor's degree in information systems or equivalent; M.B.A. or M.S. in information security is preferred.
  • Experienced with ISO 27001 and PCI-DSS.
  • Audit training and/or audit certifications (internal auditor).

 

Our offer 

Want to be part of a dynamic fast-growing scale-up and global, urban mobility leader? Yes! Want to make an impact? Yes!

We offer a lot of autonomy and room to develop your talents. We know our people are at their best when they enjoy a good work-life balance, which we fully support. You can expect great employment benefits, including a mobility plan, weekly bootcamps, monthly massages, lunch, Friday beers and snacks, daily fresh fruit, fun team events and much more!

 

PARK NOW. We are driven to improve. Come join the ride!   

 
