×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Business Analyst

IT Risk & Control Officer - Internal Control

Job in 1000, Amsterdam, North Holland, Netherlands
Listing for: Booking Holdings, Inc.
Full Time position
Listed on 2026-01-11
Job specializations:
  • IT/Tech
    Cybersecurity, IT Business Analyst
Salary/Wage Range or Industry Benchmark: 60000 - 80000 EUR Yearly EUR 60000.00 80000.00 YEAR
Job Description & How to Apply Below

About Us:

At , data drives our decisions. Technology is at our core. And innovation is everywhere. But our company is more than datasets, lines of code or A/B tests. We’re the thrill of the first night in a new place. The excitement of the next morning. The friends you encounter. The journeys you take. The sights you see. And the memories you make.

Through our products, partners and people, we make it easier for everyone to experience the world.

Role

Description:

This role presents a super exciting opportunity for you to join a growing, motivated team of professionals in Amsterdam. It is a role that will encourage you to learn and grow, and will give you the chance to create a real impact at

As an IT Risk & Control Officer, you will collaborate with other professionals that are experienced in the fields of Risk & Controls, Internal Audit and control/process owners from various departments, who will help you to learn, grow and provide you the freedom to experiment. Such is also part of the culture of

This position will require you to have a strong big picture focus, but be able to zoom in and out of the details to ensure you understand the processes fully.

Key Job

Responsibilities and Duties:

  • Internal Control framework design and implementation:

    • Develop, implement, and maintain internal control frameworks aligned with industry best practices and applicable regulatory requirements (e.g.,SOX, COSO, COBIT, NIST, ISO 27001, other compliance frameworks)

    • Collaborate with 1st/2nd line Risk partners, process owners and management to ensure the frameworks are practical, effective and tailored to business needs

    • Maintain a central repository of policies, procedures, control matrices

    • Develop RACI and standardized approach for implementation including training and communication

    • Develop approach for ongoing review & continuous improvement

    • Enable business partners with guidelines, templates and tooling

    • Maintain a central register of all framework documents

    • Contribute to R&C reporting and assurance

  • Act as SOx design authority:

    • Partner with R&C business and IT officers by providing guidance and ensuring that critical SOx controls are adequately designed and documented, in order to strengthen the control environment, mitigate the company risks and support the business in achieving objectives

    • Provide SME guidance to R&C business and IT officers and 1st line business owners in relation to observations and deficiencies, from initial assessment/triage through to mitigation and remediation

  • Support Audit management - act as an SME to support critical audit management activities such as audit planning and issue management

  • Support testing of business and IT controls and management certification (SOX Section 302, other compliance frameworks) by providing guidance to the testing team and reviewing the testing documentation.

  • Collaborate with GRC team and 1st/2nd line Risk partners to develop solutions and improve how risks, controls and issues are maintained in our GRC platform

  • Act as a risk ambassador within  to further enhance risk awareness and culture, including by facilitating formal training sessions

Qualifications & Skills:

  • 6+ years of previous work experience in internal controls, audit, risk management, or compliance

  • Bachelor's degree or higher in a relevant field (Master’s Degree is preferable).

  • Strong knowledge of internal control frameworks (e.g., COSO, COBIT, NIST, ISO 27001) and regulatory requirements (e.g., SOX, GDPR, DMA, DSA), and experience in applying them in various business areas/functions

  • Big4 experience is advantageous

  • Qualifications related to any of the above are advantageous (incl. CISM, CRISC, ACCA, CIA, CISA)

  • Experience with Cloud platforms, SaaS applications, and emerging technologies (AI/ML, RPA) is a plus

  • Good stakeholder management skills

  • Flexibility to adapt to an ever‑evolving and dynamic work environment

  • Self-starter with strong sense of responsibility

  • Energetic and very proactive

  • Process, problem solving and action oriented mindset

  • Strong communication and relationship building skills

  • High level of integrity, confidentiality & professionalism

  • Ability to develop strong relationships with business partners in order to…

Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search