Omschrijving

Senior GRC and Cybersecurity professional, with 15 years of leading industry and professional expertise gained working for numerous globally operating companies. Facilitator and builder of risk, compliance and audit management and governance focusing on Cybersecurity, with specialty in both start-up and mature international organizations. Proven experience and expertise in GRC solutions, international standards/guidelines and managing their successful implementations. Management of regulatory and non-regulatory compliance, policy dissemination, risk management (IT, financial, data privacy, security, operational), process designs and maturity assessments, gap analysis, remediation and board/management/governance reporting. Managing GDPR compliance efforts and Cybersecurity, conducting DPIAs and GDPR Self Assessments. Strong experience in stakeholder management.

Branche-expertise

Talen

Engels
Tweetalig / moedertaal

Voorkeuren voor werkplek

Kan op locatie werken

Amsterdam (tot 50km)

Mastercard-Europe
EU-Tech Risk Manager (TRM)/Snr. Consultant
juni 2024 - december 2025 (1 jaar en 6 maanden)
Brussels, BU, Belgium
✓ Successful development and implementation of risk management governance for Mastercard-Europe (MCE) to comply with regulatory requirements by implementing MCE specific Risk Management governance.
• • Development, documentation and implementation of risk management processes such as quarterly MCE periodic risk assessments, while leveraging and aligning with existing global Mastercard practices
• • Development, documentation and implementation of governance practices including establishment of MCE Tech Risk Management (MCE-TRM) Board and its reporting
• • Creation, review and approval of new MCE-TRM Charter (objectives, tasks/processes, attendees and facilitation)
• • Preparation and submission of quarterly MCE-TRM Board papers, its planning and facilitation
• • Creations and updates on MCE related Tech risks, maintaining them in Archer (EU) and OpenPages (to maintain global MC alignment)
• • Providing support to MCE Risk Tech Leads(s), 2LOD, Risk Owners in relation to MCE dashboards, KRIs, success factors, risk updates among others.
• • Risk assessments and risk governance reporting for Mastercard Nordic (Denmark&Norway)
DAF Trucks/PACCAR
Cybersecurity Supply Chain- Consultant
juni 2023 - december 2023 (6 maanden)
Netherlands
✓ Successful implementation of Cybersecurity in PACCAR/DAF Trucks for more than 3000 suppliers in relation to NIS2 compliance.
• • Identification and categorization of business critical suppliers and risk levels in Supply Chain
• • Review and adjustment of IT processes such as Incident Management with respect to security
• • Analysis of Internal Control Frameworks for suppliers to mitigate Cybersecurity risks (ISO27001,TISAX, NIST,+)
• • Contract clause reviews with respect to Cybersecurity requirements
• • Determining implementation aspects/scenarios for the chosen solutions in Supply Chain
• • Identification of User Requirements for the Certification Management tool that enables the business to monitor/report on (automatically) overall security posture in Supply Chain and the status of Cybersecurity controls in suppliers via automated Certification Management tool.
European Commission (EC)
GRC Advisor (DIGIT-S)
september 2021 - mei 2022 (8 maanden)
Belgium
✓ Delivery of Security related Compliance Services for EC Directorates (40+).
• • Process definition/documentation of Stakeholder (EC Directorates) Management
• • Definition / documentation of Compliance Services to support EC Directorates
• • Definition / documentation of IT Asset and Vulnerability Management Service to support EC Directorates
• • Pilot deployment of compliance services, training and support of security staff in Directorates.