IT Risk & Control Specialist

citizenM hotels

IT Risk & Control Specialist responsible for strengthening IT risk management framework. Identifying and mitigating IT risks while collaborating with stakeholders and reporting to the Global Head Risk & Control.

Posted 4/30/2026full-timeVoorschoten • 🇳🇱 NetherlandsMid-LevelSeniorWebsite

Tech Stack

Tools & technologies

Cyber Security

About the role

Key responsibilities & impact

Develop, refine, and implement the IT internal control framework under the guidance of the Global Head Risk & Control.
Maintain a centralized repository of key IT controls and monitor their quality to ensure adherence to IT risk management and internal control standards.
Collaborate with relevant stakeholders to ensure timely and effective implementation of IT control recommendations and enhancements.
Identify and drive opportunities for IT control enhancement through automation and continuous control monitoring.
Provide expert advice to the organization on the remediation of IT control issues, offering proactive solutions to mitigate IT risks.
Organize regular awareness sessions on IT internal control framework (ITCG) to enhance understanding and adoption across the organization.
Driving the Change management process within the organization, this includes training (together with L&D), CAB board ownership, lead CAB board meetings and Change Management governance.
Assist in preparing comprehensive reports on IT risk and control matters for (senior) management and stakeholders, highlighting key insights and recommendations.
Contribute in the development, maintenance, and testing of the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) for IT systems.
Provide support in designing, implementing, and maintaining user access controls for IT systems, ensuring alignment with security policies and compliance requirements.
Support in designing and maintaining role matrices for IT systems to ensure appropriate access levels and segregation of duties.

Requirements

What you’ll need

Bachelor's or Master's degree in Information Technology, Computer Science, Cybersecurity, Finance, Auditing, Business Administration or a related field.
Prior experience within the IT or IT Audit domain.
Solid analytical skills with the ability to assess IT risks and propose effective solutions.
Excellent communication and interpersonal skills, with fluency in English.
Proactive mindset with a keen eye for detail and the ability to challenge the status quo.
Upholds the highest ethical standards in all aspects of work.
Experience in the hospitality industry is advantageous.
Knowledge of IT frameworks such as COBIT, ITIL, ISO 27001 is a plus. And industry certifications such as CISA, CRISC, ISO 31000 Risk Manager etc. would be beneficial.

Benefits

Comp & perks

citizenM experience nights for you (and friends and family). Discounted nights at Marriott hotels
Personal and professional development opportunities and programs
Latest tech devices and all the tools you need to be successful in your role
Commuting travel costs covered (by car or public transport)
Pension and cycle-to-work scheme
Subsidized fresh daily lunches at our support office
Flexible public holidays
Employee assistance program
Varied team days and social events (from food trucks and quizzes at the office to parties on boats)

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

IT internal control frameworkIT risk managementautomationcontinuous control monitoringuser access controlsrole matricesBusiness Continuity Plan (BCP)Disaster Recovery Plan (DRP)analytical skillsIT frameworks

Soft Skills

communication skillsinterpersonal skillsproactive mindsetattention to detailethical standardscollaborationtrainingleadershiporganizational skillsreporting

Certifications

CISACRISCISO 31000 Risk Manager