Aegon Global Technology Service (GTS) provides technology infrastructure support as well as business consulting services to the Aegon USA, European enterprise and business partners. The information technology services encompasses regional services, enterprise-wide application services, architecture, product assessment, customer service, internet and messaging, server management, telecommunications, security, data service and more.
The Business Information Risk Security officer seeks to prevent damage as a result of breach of information,
implement information risk management and monitor compliance with laws and regulations.
Develops group policy and annual plan;
Creates awareness on the importance of information security for the group;
Provides information security goals;
Develops a strategy to achieve information security goals.
Provides functional guidance to Information Security functions;
Acts as project manager or client for group-wide projects in the field of information security & risk;
Organizes and facilitates group consultation for information security & risk management and coordination.
Promotes and directs the development of implementation directives;
Initiates and information security & risk awareness programs;
Initiates and facilitates group-level risk analysis and develops of control measures;
Checks if implementation guidelines are aligned with policies and recommends improvements;
Prepares business decisions in the field of information security & risk;
Advises management in case business policy decisions have implications for information security & risk.
Assesses reports from internal and external audit agencies on relevance to information security & risk;
Assesses alignment of information security & risk reports from information security & risk functions with implementation guidelines;
Provides assignments for internal investigations and audits;
Maintains a central registration of information security & risk incidents, including current status;
Assesses developments in society, the industry and the information security & risk field.
Adjust information security & risk vision, strategy and policy and facilitates adaptation of implementation guidelines based on evaluations.
Maintains internal contacts with group management, group staff, information security & risk functions;
Maintains external contacts with auditors, industry and professionals.
Fluent in English verbally and written
Experience in an (international) corporate environment
Insurance, Financial Services or Regulatory experience
Knowledge of applied techniques, methods, products and services in the field;
Knowledge of the business processes and organization within relevant business domains;
Agile way of working;
10 + years relevant experience.
Analytical, advice & consultation personal skills