Booking.com

IT Risk and Control Officer

3+ months agoAmsterdam, Netherlands

Booking.com BV (the company behind Booking.com™, the market leading online hotel reservation service in the world), is in search for an IT Risk and Control Officer who will be part of our growing Risk & Controls organization.

We provide a fast-growing working environment, where continuous learning is key for your and Booking.com's development and growth. You will collaborate with other professionals that are experienced in the fields of Risk & Controls, IT Security and Internal Audit, who will help you to learn, grow and provide you the freedom to experiment. Such is also part of the culture of Booking.com.

B.responsible : key areas of responsibility will include, but are not limited to

  • Advise and challenge process and control owners on IT, security and business continuity related risks and on compliance with laws and regulations e.g., SOX, PCI and GDPR
  • Perform risk assessments for new products/initiatives and projects
  • Maintain a risk register and track risk exposures against risk appetite
  • Assist process and control owners in the identification, design, implementation and improvement of controls to mitigate risks and ensure compliance
  • Enable continuous improvement, maintaining our Booking.com controls framework, by providing general and technical guidance on how to maintain relevant controls
  • Embed ownership and awareness in 1st line of defense via training and communication to control owners
B.skilled
  • The ideal candidate will have a strong background in IT Risk Management, IT Frameworks, Governance and Controls
  • 5+ years of experience gained within compliance, internal controls or audit;
  • Business or IT/ Information security degree / certifications (CISSP, CRISC, CISA, or similar)
  • Practical experience on DevOps tools like Puppet, Jenkins, Git, Docker, or Kubernetes is essential
  • Audit and/or operational risk background (client-side experience in addition to consultancy experience is preferred)
  • Practical IT / Business integrated SOX framework, program experience, maintain risks & controls, familiar with control procedures, automation, monitoring, testing, collecting evidence and remediation activities
  • Hands on experience with large e-commerce or tech companies preferable
  • Familiar with ServiceNow, Google Suite, Jira tools (or similar)
  • Strong program management and stakeholder engagement skills (control/process owners, audit)
  • Ability to make decisions, assess and resolve problems effectively
  • Enthusiastic, self-starting and enjoys change
  • Independent & autonomous, while still a strong team player
  • Fully comfortable working in English, both written and spoken
B.offered

We are a performance-based company that offers career advancement and lucrative compensation, including bonus. We also offer what is called the "Booking Deal" with competitive benefits. This position is open to worldwide candidates and in the case of relocation, we will assist you with a generous relocation package, ensuring a smooth transition to working and living in The Netherlands.