Senior Policy & Control Officer

Department

We are looking for a candidate for the position of Senior Policy & Control Officer within Robeco’s Digital Policy, Control & Resilience department to strengthen our digital policy framework and enhance the level of internal control within Robeco. As a seasoned IT governance specialist, policy maker or operational risk manager you are ready for your next step in actively promoting good corporate governance.

Digital Policy, Control & Resilience is a staff department within the COO domain to focus on Robeco-wide policies and control for optimal use of data and technology and ensuring operational resilience. The department contains various functions, including IT control officer, digital policy officer, information security officer, cybersecurity analyst, and data governance officer. The department head is also Robeco’s Chief Information Security Officer (CISO).

Within this department, information security officers and cyber security analysts are responsible to manage security oversight & operations, security monitoring & testing, identity & access management, cyber security & analytics and business continuity. Policy & Control officers are responsible to provide policies and controls for optimal use of data, technology and information security taking into account the Robeco (Digital) strategy, newly available technologies such as cloud computing and artificial intelligence, third party assurance, regulations and other relevant trends.

Position & Requirements

We are looking for a Senior Policy & Control Officer who is responsible for developing the policy framework, which includes data and technology standards and guidelines. Somebody who follows market trends, emerging digital technologies and regulations with an eye on innovation, connects with relevant communities and acts on a tactical / strategic level and have good reporting skills towards senior management. The responsibilities start with analyzing the impact of new developments and  digital technologies on the organizations’ processes, identifying risks, and proposing measures to mitigate them. This includes implementing policy and control programs, creating awareness, educating staff, supporting implementation, monitoring and reporting adherence to policies. You organize formal governance boards, such as the IT Board. A specialist who can work with both business and IT staff working DevOps with new technology and using cloud services. The Senior Policy & Control Officer works closely together with other functions, including other (junior) Policy & Control Officers, Information Security Officers, Security Architect, Risk Managers, Compliance Officers and Outsourcing Suppliers.

• Bachelor’s or Master’s degree in business administration, auditing, or related field (e.g. RO, RE);
• 10 years working experience of which 5 years in governance and control;
• Knowledge of governance frameworks, methodologies and good practices;
• Knowledge of IT and/or operational audit and assurance;
• Knowledge of IT and data related policies and standards and relevant regulations (Wft, DORA);
• Experience in regulatory environment, such as financial services (DNB, AFM) is a pre;
• Experience in consulting is a pre;
• Proficient in the Dutch as well as English language (written and spoken);
• Minimum availability of 4 days per week / 32 hours;
• Hybrid working including working from Rotterdam at least 3 days a week.

Competences

• Strong analytical and writing skills;
• Structured and organized;
• Proactive and initiative;
• Strong communication and reporting skills and ability to educate staff and create awareness;
• Ability to influence without having control;
• Stakeholder management skills;
• Change management skills;
• Organization sensitivity;
• Trusted advisor and a strong team player.