MVPeopleGroup
IT Risk Management

Risk Manager Cybersecurity

Utrecht, UT | Consultancy | Hybrid | Senior | Other

About the assignment

You manage cybersecurity risks at enterprise level. You conduct risk assessments, prioritize vulnerabilities, and ensure risk responses align with business objectives and regulatory requirements.

You translate technical threats into business impact. You work across teams—from security operations to executive leadership—to establish risk frameworks, monitor emerging threats, and report to the board on the organization's security posture.

Your responsibilities

  • Conduct regular cybersecurity risk assessments using recognized methodologies (NIST, ISO 27001)
  • Quantify and prioritize risks based on likelihood, impact, and business criticality
  • Develop and maintain risk registers and heat maps for executive reporting
  • Monitor emerging threats, vulnerabilities, and regulatory changes affecting risk exposure
  • Drive remediation planning and track mitigation effectiveness across security domains
  • Design risk governance frameworks and risk appetite statements aligned with business strategy
  • Facilitate risk workshops with stakeholders to identify and assess organizational risks
  • Report risk metrics and trends to CISO, board committees, and external auditors

Tech Stack & Tools

Platforms & Tooling

Archer, ServiceNow GRC, OneTrust, Splunk, Microsoft Sentinel

Frameworks & Standards

NIST Cybersecurity Framework, ISO 27001:2022, ISO 31000 (Risk Management), COBIT 2019, NIS2 Directive, DORA

Cloud & Infrastructure

Azure, AWS

Methodologies

Quantitative risk analysis, Threat modeling, Vulnerability assessment, Third-party risk management, Business continuity planning

Certifications (a plus)

  • CRISC (Certified in Risk and Information Systems Control)
  • CISA (Certified Information Systems Auditor)
  • CISSP (Certified Information Systems Security Professional)
  • CISM (Certified Information Security Manager)

Must-haves

  • 5+ years managing cybersecurity or IT risk in enterprise environments
  • Expertise in risk assessment methodologies and risk quantification techniques
  • Hands-on experience with risk management platforms (Archer, ServiceNow GRC, OneTrust, or similar)
  • Deep knowledge of NIST, ISO 27001, and regulatory frameworks (NIS2, DORA, GDPR)
  • Proven ability to communicate risk to non-technical audiences and executives

Nice-to-haves

  • CRISC, CISA, or CISSP certification
  • Experience with threat intelligence integration and vulnerability management
  • Background in third-party/supplier risk management
  • Knowledge of business continuity and incident response planning

What we offer

  • Shape the security risk strategy of a growing organization
  • Work directly with C-suite and board committees on strategic risk decisions
  • Leverage modern risk platforms and governance tools
  • Collaborate with diverse teams: SOC, IAM, compliance, audit, and business units
  • Continuous learning through exposure to emerging threats and regulatory evolution
  • Personal guidance from a dedicated MVPeople consultant who knows your niche

The process

1. Introduction: phone call with your MVPeople consultant (within 24 hours)
2. Match & Brief: we discuss the assignment in detail and prepare you
3. Client interview: introduction to the client
4. Start: contracting and onboarding

Details

Type: Consultancy

Location: Utrecht, UT

Work model: Hybrid

Level: Senior

Sector: Other

Posted: 14 April 2026

