IT Risk and Control Officer - FinTech

About the role

Booking.com BV (the company behind Booking.com™, the market leading online hotel reservation service in the world), is in search of an IT Risk and Control Officer who will be part of our growing second line Risk Management function and will be focussed on supporting the Fintech business unit.

We provide a fast-growing working environment, where continuous learning is key for your and Booking.com's development and growth. You will collaborate with other professionals that are experienced in the fields of Risk & Controls, IT Security and Internal Audit, who will help you to learn, grow and provide you the freedom to experiment. This is also a key part of the culture at Booking.com.
B. responsible

IT Controls:

• Support business units to understand risks according to SOx, Security, GDPR, business continuity, PCI-DSS etc. requirements and assist them in determining optimal controls to mitigate risks in the FinTech environment

• Coordinate risk assessments for new products/platforms based on Booking.com ERM Framework

• Support the business to design controls based on risks in support areas for the IT and business processes

• Monitor changes occurring to the platforms and processes to guide stakeholder to aim sustaining compliance by design

• Provide support in the design, implementation and amendment of controls in complex IT environments

• Support coordination of Internal Audit and External Audit efforts with the business

• Embed ownership and awareness in 1st line of defense via training and communication to control owners

• Drive the continuous improvement of our Booking.com controls framework by providing general and technical guidance on how to maintain and enhance relevant IT controls

B. skilled

• 5+ years of experience gained within compliance, risk management, internal controls or audit
• IT degree / certificates (CISA, CISM, CISSP, CRISC, etc.)
• Practical Risk Management experience with DevOps or open-source tools like Puppet, Jenkins, Gitlab, Github, Docker, or Kubernetes
• Audit or operational risk management background, having experience with SOx
• Familiar with applicable IT frameworks (COBIT, ITIL, NIST, ISO 27001, 20000, 22301, etc)
• Familiarity with designing controls for Cloud platforms is a big plus
• Experience working in regulated environments or the Banking and Financial services sector is a plus
• Hands on experience with leading risk assessments and financial audits in a technologically dynamic environment
• Strong stakeholder engagement skills (control/process owners, audit)
• Demonstrates the ability to make decisions, assess and resolve problems effectively
• Enthusiastic, self-starting and thrives in changing, agile environments
• Fully comfortable working in English, both written and spoken

B.offered

We are a performance-based company that offers career advancement and lucrative compensation, including bonus. We also offer what is called the "Booking Deal" with competitive benefits. This position is open to worldwide candidates and in the case of relocation, we will assist you with a generous relocation package, ensuring a smooth transition to working and living in The Netherlands

**Pre- Employment Screening:

**If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.