Nationale-Nederlanden is hiring an Information Risk Management specialist. This position is part of the Second Line of Defense, responsible for ensuring the organization identifies and manages information and technology risks effectively. You will translate complex security and regulatory developments into clear, actionable guidance so the business can operate securely and confidently.
What You'll Do
- Monitor the implementation of IT security policies, standards and frameworks (COBIT, ISF, ISO 27001, ISO 27002).
- Interpret and explain regulatory requirements (GDPR, DORA, AI Act, EIOPA).
- Assess the design and effectiveness of IT controls, processes and architectures.
- Analyze outcomes from penetration testing, vulnerability scanning and threat modelling.
- Support IT risk assessments for projects and major technology changes.
- Review security alerts and ensure adequate remediation.
- Perform vendor risk assessments with asset owners.
- Follow up on remediation from audits and compliance assessments.
- Analyze IT incidents and contribute to lessons learned.
- Advise senior management and business units on IT risk and information security topics.
- Contribute to AI-related initiatives from a risk-management perspective.
What We're Looking For
- At least 4 years of experience in IT Risk Management, Information Security, IT Audit, or similar fields.
- Strong understanding of security frameworks, regulatory environments and risk-management practices.
- Ability to translate technical cybersecurity risks into clear guidance.
- Confidence working with both technical and business stakeholders.
- Analytical mindset and a proactive approach to improvement.
- English proficiency to collaborate with international teams.
Benefits & Compensation
- Hybrid work model and flexible schedule.
- Continuous learning and support for security certifications.
- Life insurance, pension plan and flexible compensation.
- Telework and meal allowance, wellness programme and volunteering.
- Free parking for car, electric charging, motorbike and bicycle.
- Digital culture and agile methodologies.
Work Mode
This is a hybrid role based in Spain, offering flexibility in work location and schedule.
Nationale-Nederlanden is an inclusive organization offering equal opportunities, regardless of race, cultural background, gender, gender identity, religion, national origin, age, disability, marital status, and sexual orientation.
