GRC & Compliance

Cyber Risk & Compliance Manager

Amsterdam | Permanent | Hybrid | Senior | Other

About the assignment

You bridge the gap between security strategy and compliance reality. Organisations face increasing regulatory pressure (NIS2, ISO 27001, DORA, BIO 2.0) while managing cyber risks that threaten operations. Your role ensures both requirements converge into a resilient, audit-ready security posture.

You own the full cycle: assess risks, design controls, implement frameworks, monitor compliance, and report to leadership. You're hands-on but strategic—equally comfortable in policy documents and vendor meetings.

Your responsibilities

  • Design and implement cyber risk management frameworks aligned with ISO 27001, NIST, and COBIT standards
  • Develop compliance roadmaps for regulations (NIS2, DORA, BIO 2.0, ePrivacy) tailored to organisational context
  • Conduct risk assessments, identify control gaps, and prioritise remediation across business units
  • Manage GRC tools (ServiceNow GRC, Archer, or OneTrust) to track compliance status and audit trails
  • Prepare risk reports and board-level dashboards that translate technical findings into business impact
  • Coordinate with internal teams (IT, Legal, Audit) and external auditors on compliance validation
  • Define KRIs (Key Risk Indicators) and monitor ongoing security posture against regulatory baselines
  • Lead incident reporting procedures and document control effectiveness for regulators

Tech Stack & Tools

Platforms & Tooling

ServiceNow GRC, Archer, OneTrust, Splunk, Sentinel

Frameworks & Standards

ISO 27001, NIST Cybersecurity Framework, COBIT 2019, NIS2, DORA, BIO 2.0, TIBER-EU

Cloud & Infrastructure

Azure, AWS

Methodologies

Risk-based compliance, Control mapping, Audit management, Threat modelling

Certifications (preferred)

CISA, CRISC, CISSP, CISM

Must-haves

  • 5+ years in cyber risk, compliance, or GRC roles within regulated sectors
  • Proven experience implementing ISO 27001, NIS2, or DORA frameworks
  • Fluent in English (working language); Dutch preferred
  • Strong stakeholder management: boardrooms to technical teams
  • Certification (CISA, CRISC, or CISSP) or equivalent demonstrable expertise

Nice-to-haves

  • Experience with ServiceNow GRC, Archer, or comparable platforms
  • Background in financial services, energy, or critical infrastructure sectors
  • Knowledge of incident response workflows and breach notification procedures

What we offer

  • Lead risk strategy that shapes organisational resilience
  • Work across multiple business units and executive teams
  • Access to leading GRC platforms and compliance tools
  • Competitive salary and secondary benefits (details upon request)
  • Personal guidance from a dedicated MVPeople consultant who knows your niche

The process

  1. Introduction: Phone call with your MVPeople consultant (within 24 hours)
  2. Match & Brief: We discuss the assignment in detail and prepare you
  3. Client meeting: Introduction to the client
  4. Start: Contracting and onboarding

Details

  • Type: Permanent
  • Location: Amsterdam
  • Work model: Hybrid
  • Level: Senior
  • Industry: Other
  • Posted: 24 March 2026

