Risk & Control Specialist Tech & Data

Combine warp-speed growth with bulletproof controls at bol

How do you make our customers happy?

We love rapid expansion at bol, but only when it’s carefully controlled. Our 13.7 million customers and 47,000 partners rely on us to comply with all relevant and constantly evolving regulations and keep their data secure at all times. In this role, you’ll co-design and refine the internal control framework that makes this possible, translating compliance requirements into controls that tech teams can implement without jeopardizing operational continuity. When new propositions launch or processes change, you’ll assess the potential risks and make informed decisions to ensure we remain in control while we scale. In short, you’ll build trust through smart, scalable controls that protect what matters most.

The biggest challenge

Fostering both entrepreneurship and control in an organization that evolves more in a year than most do in a decade. Changes present new opportunities but can also introduce new risks across our tech and data landscape. How can you design controls that scale with business models without creating friction? How can you push back on a new proposition when the risks aren’t sufficiently mitigated, and how can you help the business find creative solutions? You’ll need to challenge stakeholders respectfully, translate technical assessments into business language, and build heartfelt consensus around control measures.

What you'll do as the Specialist Risk & Control for Tech and Data

You’ll join the enthusiastic Risk & Control team within Legal, Risk and Compliance. Specifically, you’ll fortify the Tech and Data sub-team that focuses on IT general controls, application controls, and data governance risks. This puts you at the intersection of technology, data, and compliance, where you’ll have a bird’s eye view of crucial bol processes and be directly involved in key business changes.

Working with stakeholders across Finance, Legal, the Data Management Office, IT Security, the tech community, and counterparts at Ahold Delhaize, you’ll be the first point of contact for risk and control management. As such, you won’t write reports from an ivory tower. Instead, you’ll be embedded in the business, conducting risk analyses through incisive interviews, developing controls through collaborative workshops, and monitoring effectiveness through hands-on engagement.

The scope spans end-to-end processes from an IT perspective. You’ll develop, implement, and monitor IT controls (both general and application controls) that keep pace with our current business models and accommodate new propositions. This includes ensuring existing processes and controls remain relevant and functional. You’ll also serve as a key partner for internal and external auditors, helping business owners prepare for audits, following up on recommendations, and embedding control measures.

Key responsibilities:

• Connect with stakeholders across Finance, Legal, Data Management, IT Security, and business teams as the go-to expert for tech and data control
• Implement appropriate control measures with minimal impact on entrepreneurship and growth ambitions
• Conduct risk analyses and design proportionate, scalable controls for tech and data processes
• Develop, implement, and monitor IT controls (both general IT controls and application controls) across end-to-end processes
• Convey the importance of internal control to tech and data business owners and management with enthusiasm and clarity
• Serve as a key discussion partner for internal and external auditors, translating between technical audit-speak and business implications
• Help business owners prepare for audits, follow up on recommendations, and embed sustainable control measures
• Ensure that processes and controls remain correctly configured and effective as the business evolves
• Advise senior management on proposed changes and help business owners implement them pragmatically

Why you can make a difference

You combine 4+ years of experience as an (internal) consultant or (IT) auditor with proven stakeholder management expertise. You’ve worked in dynamic, IT-driven environments before and understand how to translate compliance requirements into practical controls that technical teams can work with. You can convey the importance of internal controls to any discussion partner, from developers to C-level executives, and you exude a true sense of business partnership that makes you a trusted advisor. You’re analytically strong and can quickly grasp complex processes, spotting internal control weaknesses and solving them pragmatically. While data analytics skills and knowledge of BigQuery/SQL are not hard requirements, they would definitely help. Lastly, the tougher the challenge, the more energized you become.

3 reasons why this is (not) for you

• Peace and quiet seeker: IT-driven, highly dynamic work environments? You prefer stability to constant evolution
• Superficiality specialist: Curiosity killed the cat, and you’re particularly interested in avoiding personal risks. If stakeholders only want to give you surface-level answers, that’s good enough
• Triple-check perfectionist: You need absolute certainty about everything before making decisions – pragmatism is a foreign concept

Control framework fanatic

• You design scalable, practical controls that protect the business without creating bureaucratic quagmires

Business translator extraordinaire

• You skillfully bridge the gap between compliance requirements and tech realities, making everyone feel heard and understood

Pragmatic challenger

• You know when to push back on risk exposure and when to help find creative solutions

Where you'll work

You’ll join Risk & Control, a team within Legal, Risk and Compliance that has expanded rapidly in the past 3 years. Specifically, you’ll work in the Tech and Data sub-team and frequently collaborate with colleagues from other sub-teams (Risk & Control non-tech, Fraud Risk Management, BCM) to tackle complex problems from multiple angles of expertise. You’ll also liaise with the broader Legal, Risk and Compliance department, IT Security, Data Management, and the Ahold Delhaize Audit team. The environment is professional yet informal – we value roles over job titles, bestow trust and responsibility generously, and focus on developing our people. Given our position as a market leader, navigating ambitious internal transformations and powerful market dynamics comes with the territory. Your role will only increase in visibility and importance and you can expect significant career advancement potential. Ready to combine growth and continuous innovation with robust controls? Show us how you’d tackle our challenges!

Perks of having a blue heart

Flexible working

We bring the best of both worlds together by working 50% at the office and 50% at home. This way, we find a balance between organisational and individual needs.

The culture and the office

Our colleagues work hard to make the daily lives of our customers easier and more fun. But of course, we do this in an inspiring and creative environment!

Your pension

Bol pays part of the basic pension and any top-up scheme.