IT Security, Risk & Compliance Manager Rotterdam • Eneco

As an IT Security, Risk & Compliance Manager, you will be at the heart of Eneco’s digital strategy. You will ensure that the level of control that we implement in our Tech organization is visible to the rest of the organization, our external auditor and our main shareholder. Your role includes risk assessments, policy development, control implementation and fostering a first-time-right culture within the company. Collaborating with internal teams and external stakeholders, you will oversee Risk & Compliance frameworks, compliance reviews and risk mitigation strategies to protect our digital assets and customer data.

• Identifying Eneco wide IT Risks;
• Developing practical and good-to-implement controls within your area of expertise;
• Guiding Eneco colleagues in implementing (where possible automated) controls;
• Communicating and defending compliance policies to senior management and external stakeholders when necessary.
• Reporting control assessment results and have a creative mind on solving any deviations by improving the controls.

You are a strategic thinker with a strong understanding of IT risk management and compliance frameworks. You have a passion for IT risk management and security and a drive to implement best-in-class control solutions. Ideally, you bring:

• A degree in IT audit or a related field, with certifications like RE, CISSP, CISM, or CISA as a plus;
• At least 3 years of experience in IT audit, risk management, or compliance roles;
• Proven expertise in security governance, risk assessment, and compliance with industry standards such as ISO 27001, NIST and (J-)SOX;
• Strong stakeholder management and communication skills to influence control execution across the organization;
• A proactive mindset to anticipate risks and implement effective mitigation strategies.

You will be part of Eneco’s dynamic Tech team, working closely with IT, legal, and business leaders to ensure a secure and compliant digital environment. You are working with 10-12 colleagues where half is concerned with IT Security and the other half with IT Risk & Compliance. Eneco is on a mission to be climate neutral by 2035, and technology plays a crucial role in this transformation. You will have the opportunity to shape a strong compliance culture in an organization that values innovation, collaboration and sustainability.