Controls Implementation Consultant

ABOUT THE COMPANY:

Join ADDENDUM, a global software development and IT team augmentation firm focusing on fintech, banking, and telco industries. Experience tailored benefits, diverse projects with various tech stacks, and opportunities for growth, freedom, and responsibility you desire.

ABOUT THE ROLE:

Whether you're in the heart of Europe, you'll join forces with dedicated professionals in the energy industry, working on exciting projects aimed at implementing NIS2-related protective measures to ensure an adequate and proportionate level of protection for the company.

WHAT YOU WILL BE DOING:

The general objective of this role is to enable effective and efficient NIS2 compliance implementation across the IT organization, and to facilitate NIS2 management oversight of control effectiveness through follow-up and reporting to the company's IT management and key stakeholders.

• Enable and support IPLs and ARTs to implement NIS2 related protective measures
• Consolidate controls implementation data from the agile delivery organisation into a management report on company's IT level.
• Create and maintain management oversight of controls implementation across the different parts of the agile delivery organisation
• Facilitate workshops and meetings related to NIS2 compliance implementation in the IT process and system landscape.
• Participate in creating and maintaining company's IT specific processes and instructions related to compliance implementation.
• Develop the tool landscape and the day-to-day processes to ensure a coherent use of quality and controls processes in IT
• Define and follow up on KPIs for controls implementation
• Participate in introducing the new risk management methodology in IT
• Support the agile delivery organisation in addressing and tracking treatment plans resulting from the risk management process

Success factors for this role are (non-exhaustive list of examples):

• The agile delivery organisation in IT is enabled to implement NIS2 controls in a structured, aligned and compliant manner from a global point of view
• Management oversight for NIS2 controls is established and reported across IT.

WHAT WE EXPECT:

• Good understanding and knowledge of contract management, supplier assurance and compliance implementation in general
• Knowledge in international security standards in general (e.g., ISO27000 series, IEC 62443 series)
• Knowledge in national legislations and standards (e.g. UK NIS CAF, US NERC CIP, IT Sicherheitskatalog in GER, NIS2)
• Basic understanding of technical cybersecurity concepts
• Good organizational understanding (e.g. to define business / operations processes)
• Good documentation skills for compliance governance purposes
• Good communication and presentation skills on SME level but also on management level
• Ability to maintain networks in the organisation

WHAT WE OFFER:

At Addendum we believe in personalized benefits packages that cater to your unique passions. Tell us what drives you, and we'll craft a package accordingly. On top of that, heres whats in store automatically:

• Flexible Hours: No more 9-to-5; work when you're at your best.

• Top Talent Collaboration: Join award-winning teams from different countries.

• Diverse, Challenging Projects: Break free from the ordinary with dynamic, stimulating work.

• Epic Team Events: Join us for summer and winter parties and online events.

• Special Celebrations: We love a good shindig for birthdays and project milestones.

And if you want to turn up the volume even more, here's what you can additionally have:

• Rock star Benefits: From health and wellness to tech gadgets, we've got it covered.

• Flexible Work Options: You choose your work style: from the office to a beach in Bali.

• Healthy Work-Life Balance: Easy sick-leave and unlimited work-from-home options.

So, get your dancing shoes on and come join the fun!

At ADDENDUM, we wholeheartedly reject all forms of discrimination, including but not limited to age, disability, sex, sexual orientation, pregnancy and maternity, race or ethnicity, religion or belief, gender identity, marriage, civil partnership, or any other protected category. We are committed to fostering a culture of equality and inclusion, where every individual has the opportunity to thrive.