IT Risk & Compliance Officer - Faber Halbertsma Group B.V.

The success of the organization is influenced by many different internal and external factors. For example, changes to strategy or complying with amended or new laws and regulations. It is very important for the organization to be able to respond to changing market conditions, so that growth opportunities are utilized and risks minimized. Building resilience through risk management and internal control is therefore essential.

Governance

• Formulate, maintain and test policies as part of the information security policy framework, such as Incident Response and Data Security Policy.
• Ensure quality and common applicability of the policies as well as alignment across Faber Group.
• Implement and maintain robust security measures to ensure the integrity, confidentiality, and availability of data.

Risk

• Identify and implement appropriate risk management frameworks such as NIST and ISO27001.
• Conducting internal and external audits to assess the effectiveness of IT controls, identifying vulnerabilities, and developing effective risk management strategies.

Compliance

• Stay up-to-date on the latest developments in IT risk and compliance and ensure proper communication to internal stakeholders.
• Ensure internal and external compliance and developing compliance programs enabling the organization to meet internal and external regulations.
• Foster a culture of continuous improvement within the organization.

The story began in 1891, when the Halbertsma family took up a new trade and started producing wooden barrels for butter. While the Halbertsma company flourished and gradually moved towards the production of pallets, the Faber family founded a similar business in Assen in 1935.

When in 1969 the Faber company was hit by an enormous fire, the company decided to shift its production focus to pallets as well. A great idea, as it turned out. In 1992, the two companies merged to form the Faber Halbertsma Group. Over the years, they have grown into today’s family of companies, providing a portfolio of sustainable pallet and pooling services and products.

Through a highly motivated workforce, excellent customer service and a focus on circularity and re-use of resources, they aim to reduce their CO2 footprint and provide complete peace of mind to the customers. Both with regards to their logistical challenges and their increasingly important sustainability goals. 

MISSION & VISION

A Faber they work together with their customers, so that they can focus on their core business. They innovate and invest in circular concepts to enhance environmental improvements. They have an ambitious corporate social responsibility program in place to create a positive impact, driven by their responsibility to carry with care.

You will be employed by YER and seconded to Faber Group.

• Attractive salary and secondary conditions (50-70K, depending on level of experience)
• Intercultural working atmosphere and family-like culture that values entrepreneurship
• Flat organizational structure where colleagues motivate each other and tackle problems together
• Festivities and events with (international) colleagues
• Flexible opportunities to support work-life balance
• Exceptional performance will not remain unnoticed and unrewarded
• Support your continuous development by learning and training opportunities including the YER Talent Development Programme with a personal coach
• Excellent guidance from your consultant and YER's back office
• Community/network with other professionals from a variety of multinationals
• Events and master classes with interesting speakers and attractive company

As an IT Risk & Compliance Officer, you strive to lay a solid foundation for a secure and compliance-focused IT environment, and you are determined to support organizations in navigating the complex world of IT risk and regulation. In your role you work closely with other IT and security professionals within the organization.

Your background includes extensive experience in risk management, regulatory compliance, and information security. With an in-depth understanding of the current threat landscapes, compliance standards, and best practices in the IT industry, you'll be able to take a proactive approach to identifying and minimizing risk.

Education

• Bachelor's/Master's degree in IT, Information Security or a related field.
• Certifications such as CIPM, CISM, or similar are a plus.

Knowledge & Experience

• Experience in conducting internal and external audits to assess the effectiveness of IT controls. Proficiency in developing and implementing improvement plans.
• Thorough knowledge of relevant laws and regulations, such as GDPR, NIS and local privacy laws.
• Experience implementing risk management frameworks such as NIST and ISO 27001.
• Experience with security audits and incident response.
• Strong communication skills to communicate effectively with both technical and non-technical stakeholders. Able to collaborate with different teams to achieve common goals.

Language

•  Proficiency in Dutch (MUST) and English
•  Proficiency is German is a pre