IT DP & IS Expert

Are you our new colleague? We’re looking for a 

Data protection & information security auditor at Randstad Global
Diemen - Netherlands, hybrid, fulltime

people at the heart of everything we do

 Working at Randstad is unlike working at any organization. Because at Randstad we put people at the heart of everything we do. This goes for our clients, our talent, our employees and society. We combine our passion for people with the power of today’s technologies. This helps us support people and organizations in realizing their true potential. We call this partner for talent..

Learn more about our mission, history and values on our website: www.randstad.com 

BR&AF

The business risk and audit function (BR&AF) provides assurance and recommendations to the Executive Board and the Audit Committee on Randstad Group’s (risk) management, control and governance practices. Therefore the department facilitates in setting governance standards. It provides advice on internal control improvements, it conducts audits, special investigations and assignments worldwide on request of the Executive Board and Audit Committee. BR&AF’s responsibility includes the quarterly reporting based on: the risk and internal control self assessments, audit results, discussions on internal control weaknesses and analysis of the key risks reported throughout the company's management structure. This also substantiates the Group’s in-control statements.

The global function consists of team members operating through hubs spread over 4 continents. The team is organized in a matrix consisting of control & audit focus teams on business and functional areas (e.g. digital, talent, client, back office & shared service centers and fraud & forensics) and partners that are the linking pin to operating units (business risk & audit partners) with a global view. A support group is set up for professional practice, learning & development, quality improvement & methods, analytics and PMO.

Representatives of the different groups (Focus teams, BR&A Partners and support group) form the BR&AF core management team that reports to the Managing Director BR&AF.

how you will contribute

As Data protection & information security auditor you are part of the Business Risk & Audit Function (BR & AF) that covers all business operations in all territories, related to Clients, Talents and our (shared) Back-, Mid- and Front offices, as well as our Accounting & Reporting and other specialist functions like HR. With your risk & audit experience and expertise specific to data protection and information security you enhance Randstad's in-control situation. This by preparing and performing: risk assessments; internal control assessments; audits; and reviews, and compile reports on these activities that make an impact on management.

• as data protection and information security auditor you translate relevant market good practices, legal requirements (e.g. GDPR) into audits, assessments and reviews performed by BR&AF.

• together with other team members you provide management combined assurance, utilizing insights from enterprise risk management, internal control as well as internal audits that you lead and/or execute. Therewith you create momentum within the company to strengthen the risk-control position for our operational, shared services and accounting processes.

• you maintain contact with: local and international management; global and local process owners; and close collaboration with other involved stakeholders like other impacted functions within the group.

• together with other team members you coordinate, execute and report on the outcomes of risk management, internal control and internal audit in close collaboration with other involved and impacted functions within the group, such as: our data protection office, information security office, IT and/or applicable business functions.

• you are the Risk & Audit Expert that wants to personally grow by practicing and receiving on the job coaching & development.

• you take ownership for the planning, execution and reporting of the risk, internal control and internal audit activities to make impact. You know your impact is there when management follows-up on your reports by implementing operational and control improvements.

• are willing to travel. As the standard office locations for the BR&AF team are organised in hubs, like in the country mentioned, travelling is estimated to be about 20% to 30% of the job.

what you will be doing

• participate in risk assessments and assist in audit planning and scoping, such as: data protection, data privacy, IT security, information security and business continuity planning.

• perform data protection and/or information security controls/process audits on scope elements.

• for your expert domains able to lead and execute audits including audits such as GDPR compliance and information security maturity assessments and behavioral audits on information security culture.

• support combined comfort analyses on maturity of data protection and information security ( (combining audit insights with other sources of data such as internal control projects, management controls self-assessment and developments within the company)

• participate and lead audit interviews, accountable to prepare audit workpapers and reporting, as well as assist in drafting audit findings and recommendations for management based on identified control weaknesses or process improvements.

• support and monitor the follow-up implementation of corrective actions by management.

• act as a resource for colleagues with less expertise.

who will you work with

• Partners/communities within the IT operations and projects space

• Data protection, information security, IT security and business continuity communities within the Randstad organization.

• Business risk & audit partners

• IT & digital leadership

• External co-source partners

• BR & AF stakeholders/clients within the business including local MT's, process and control owners

what you will bring

Your in-depth data protection and information security (DP/IS) understanding combined with risk & audit skills are well developed, as a critical challenger to management you strike the right tone. You have a keen interest in the DP/IS aspects of Randstad's business and a sharp eye for improvements strengthening the balance in DP/IS control vs business flexibility. You are able to build a bridge between the technical specific subject matter of data protection and information security on the one hand and business needs and implications on the other hand. You have a broad interest in bringing data protection and information security to live in operational processes and improvements in the overall governance.

You:

• have minimum 8 years of relevant experience

• have minimum master degree in business or economics, and related accreditation (e.g. CISA | CISM | CISSP |CIPP/E)

• have  level BEC B1/B2 or higher Business English, preferably combined with proficiency in one of the following languages: Dutch, Spanish, French, Italian and /or German

• have a strong independent mindset

• are experienced in international stakeholder management & change

• are an innovative thinker that challenges the status quo

• have an agile and flexible working style and passion for on the job coaching and development

• translate your profound technical knowledge on cyber into practice with a pragmatic mindset adjusting to technical and organizational developments.

• prepare audit plannings and scoping on identified data protection and information security risks & opportunities.

• lead and execute internal audits/review for operational business processes, with focus on cyber and give guidance and/or instructions to junior staff in audit projects.

• report and communicate audit findings at the right tone to make impact and provide recommendations for improvements.

your competencies

Within Randstad we defined the following Leadership competencies:

• delighting people: connect people (client, talent, employee, society), building strong client relationships and delivering client-centric solutions.

• performing today: resourcefulness securing and developing resources effectively and efficiently.

• leading change: manages ambiguity operating effectively, even when things are not certain or the way forward is not clear.

• securing the future: drives vision and purpose painting a compelling picture of the vision and strategy that motivates others into action.

• creating clarity - showing line of sight: making sense of complex, high quantity and sometimes contradictory information to effectively solve problems and provides direction, is delegating and removing obstacles to get work done

• courage to challenge: shows courage and confidence to speak up skilfully, challenging others even when they are confronted with resistance or unfamiliar circumstances

• collaborates, reaches out, you excel in organizational sensitivity: manoeuvering comfortably through complex policy, process and people-related organizational dynamics recognising the value that different perspectives and cultures bring to an organization

what’s in it for you

We put people at the heart of everything we do. Our employment conditions reflect this and are in accordance with the applicable (local) Randstad employment policies and related personnel guide.

We want our teams and talent to reflect the rich diversity of the societies we serve. We thrive for an environment of belonging, safety and confidence. So everyone can bring their whole selves to work and flourish. Learn more about equity, diversity, inclusion and belonging at randstad here.

If you recognize yourself in the profile above, we invite you to apply for this role. For more information you can reach out to our recruitment business partner: jennifer.roberts@randstadsourceright.co.uk

The recruitment procedure consists of a screening and at least two interviews. Later in the process, an (online) assessment and a job offer conversation take place.