Information Security Expert

ABN AMRO is looking for an Information Security Expert who wants to play an important role in making sure that third parties don’t impact the bank. You will be responsible for managing, monitoring and reporting on the performance and status of the security posture of vendors and improving the service. This is a challenging role for someone who likes to dive into complex processes and is strong in cooperation and stakeholder management to help keep the vendor portfolio safe.

At a glance

You can imagine that security is a major asset within the bank.

Your job

What does your working day look like?

• The team works according to the DevOps & Agile methodology.
• You are working on improving the Supply Chain Security services, based on user stories.
• Occasionally there are incidents that occur that you are going to look into.
• For your work you often engage with various stakeholders such as other IT departments, business colleagues and software suppliers.

Key responsibilities in your work contain:

• Govern and manage IT vendor relationships in terms of performance regarding the security aspects of the underlying contractual obligations.
• Execute Vendor Security Risk Assessments and perform follow-up actions. Focus on the risks that matter, translate them into the business context and help your stakeholders address security challenges.
• Ensure that information security risks are identified and managed effectively throughout all stages of the relationship with external vendors.
• Review the applicability and quality level of assurance reports issued by third parties.
• Ensure continuous improvements are achieved both in the quality of reporting and service provided by the third party.
• Manage the IT security-related part of a contract with the third-party provider. Work together with functions such as legal, risk and procurement on contractual changes.
• Help solve security-related questions, take initiative and escalate in time if needed.
• Signal improvements related to the way of working inside the team and contribute to improving the excellence of the service offering.
• Stay up to date with emerging cybersecurity trends and the latest developments in technology, information risk and threats, actively share this knowledge with your colleagues and help determine if and when to integrate them into the assessment program.

Working environment

You will join the Supply Chain Security (SCS) team, part of the Corporate Information Security Office (CISO) department, within the Cyber Defence grid. CISO is responsible for the bank's information security globally, across all subsidiaries and countries. The Cyber Defence grid is responsible for the security operations activities of ABN AMRO, and within the team you continuously provide visibility into the security posture of the bank’s vendors. The Supply Chain Security team members are experienced in information security and vendor relations.

The SCS team currently consists of 20 members with different nationalities and is ready for further expansion. The working language within the team is English.

Your profile

You're a hands-on, self-organized team player who's willing to finish and deliver. You describe yourself as a service-oriented professional, enjoy taking on an internal consultancy role and are able to manage stakeholders naturally. In addition, you have a strong ability to translate technical risks into business risks and vice versa.

To be successful in this position, you should recognize yourself in the following requirements:

• 5+ years of experience with setting up projects and deliverables within supply chain security / TPSRM.
• 5+ years of experience with executing information security risk assessments.
• Knowledgeable in one or more areas such as security processes, technology architectures, network security, application security and vulnerability management.
• Good communication skills.
• Analytical skills.

We are offering

Joining ABN AMRO means stepping into a role with impact, supported by employment conditions that foster job satisfaction, development and wellbeing.

• An excellent pension scheme, ensuring that you are well prepared for the future.
• Flexibility in working: working from home is possible in consultation with your team and depending on your role. An ergonomic home office setup will be provided.
• Plenty of room for relaxation with five weeks of vacation per year, supplemented by two mandatory days off. You can also purchase up to four additional weeks of vacation annually.
• Five “Banking for better days”: extra days off that you can use for personal development or volunteer work.
• Personal development is key: you receive a development budget of €1,000 per year, which can accumulate up to €3,000.
• An annual public transport pass with free public transportation throughout the Netherlands for both business and private use.
• An extensive employment package.
• Regie op eigen ontwikkeling.