MVPeopleGroup
IT Risk Management

Risk Manager Cybersecurity

Utrecht, UT | Consultancy | Hybrid | Senior | Other

About the assignment

You manage cybersecurity risks at enterprise level. You conduct risk assessments, prioritize vulnerabilities, and ensure risk responses align with business objectives and regulatory requirements.

You translate technical threats into business impact. You work across teams—from security operations to executive leadership—to establish risk frameworks, monitor emerging threats, and report to the board on the organization's security posture.

Your responsibilities

  • Conduct regular cybersecurity risk assessments using recognized methodologies (NIST, ISO 27001)
  • Quantify and prioritize risks based on likelihood, impact, and business criticality
  • Develop and maintain risk registers and heat maps for executive reporting
  • Monitor emerging threats, vulnerabilities, and regulatory changes affecting risk exposure
  • Drive remediation planning and track mitigation effectiveness across security domains
  • Design risk governance frameworks and risk appetite statements aligned with business strategy
  • Facilitate risk workshops with stakeholders to identify and assess organizational risks
  • Report risk metrics and trends to CISO, board committees, and external auditors

Tech Stack & Tools

Platforms & Tooling

Archer, ServiceNow GRC, OneTrust, Splunk, Microsoft Sentinel

Frameworks & Standards

NIST Cybersecurity Framework, ISO 27001:2022, ISO 31000 (Risk Management), COBIT 2019, NIS2 Directive, DORA

Cloud & Infrastructure

Azure, AWS

Methodologies

Quantitative risk analysis, Threat modeling, Vulnerability assessment, Third-party risk management, Business continuity planning

Certifications (preferred)

  • CRISC (Certified in Risk and Information Systems Control)
  • CISA (Certified Information Systems Auditor)
  • CISSP (Certified Information Systems Security Professional)
  • CISM (Certified Information Security Manager)

Must-haves

  • 5+ years managing cybersecurity or IT risk in enterprise environments
  • Expertise in risk assessment methodologies and risk quantification techniques
  • Hands-on experience with risk management platforms (Archer, ServiceNow GRC, OneTrust, or similar)
  • Deep knowledge of NIST, ISO 27001, and regulatory frameworks (NIS2, DORA, GDPR)
  • Proven ability to communicate risk to non-technical audiences and executives

Nice-to-haves

  • CRISC, CISA, or CISSP certification
  • Experience with threat intelligence integration and vulnerability management
  • Background in third-party/supplier risk management
  • Knowledge of business continuity and incident response planning

What we offer

  • Shape the security risk strategy of a growing organization
  • Work directly with C-suite and board committees on strategic risk decisions
  • Leverage modern risk platforms and governance tools
  • Collaborate with diverse teams: SOC, IAM, compliance, audit, and business units
  • Continuous learning through exposure to emerging threats and regulatory evolution
  • Personal guidance from a dedicated MVPeople consultant who knows your niche

The process

1. Introduction: Phone call with your MVPeople consultant (within 24 hours)
2. Match & Brief: We discuss the assignment in detail and prepare you
3. Client meeting: Introduction to the client
4. Start: Contracting and onboarding

Details

  • Type: Consultancy
  • Location: Utrecht, UT
  • Work model: Hybrid
  • Level: Senior
  • Industry: Other
  • Posted: 14 April 2026

