×
Register Here to Apply for Jobs or Post Jobs. X

Risk and Compliance Officer

Job in 1000, Amsterdam, North Holland, Netherlands
Listing for: Booking Holdings, Inc.
Full Time position
Listed on 2026-07-16
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Business Analyst, Data Security
Salary/Wage Range or Industry Benchmark: 80000 - 120000 EUR Yearly EUR 80000.00 120000.00 YEAR
Job Description & How to Apply Below

At , our mission is to make it easier for everyone to experience the world. As our technology landscape, regulatory environment, and product ecosystem continue to evolve, we need practical and scalable approaches to risk, controls, and compliance that support the business without slowing it down.

About the Team:

The IT Compliance (TCOM) team helps  build & maintain a stronger and scalable control environment by translating regulatory, policy, and risk requirements into clear, operational controls and oversight mechanisms. A key focus area for the team today is building a Unified Control Framework that gives leaders a single, self‑serve view of the control environment by mapping controls and policy requirements to regulations such as NIST 2.0, NIS2, and DORA, while also connecting Shift Left, SOX, and other control domains into one coherent model.

One of the pain points we are solving is that every time a new framework or regulation impacts , a significant amount of effort is spent re‑assessing requirements, validating control scope, refining control wording, and checking whether existing controls are sufficient. Our goal is to move away from repeated one‑off assessments and towards a more unified, reusable, and audit‑ready control framework.

The team is based across Amsterdam, Bucharest, and Bangalore and works closely with Risk Partners supporting different business units, control owners, Security, Legal, and other stakeholders across Central Tech.

About the Role:

We are looking for an experienced IT Risk & Compliance Officer to join the team in Amsterdam. This is an individual contributor role for someone with strong experience in the risk and controls domain and a genuine interest in building, improving, and maintaining control frameworks.

This role is ideal for someone who enjoys making sense of overlapping regulatory and framework requirements, bringing structure to control environments, and working with stakeholders to turn abstract requirements into practical, testable, and sustainable controls. The role will play a key part in evolving the Unified Control Framework (UCF), supporting regulatory initiatives such as NIS2 and DORA, and helping ensure that risk and compliance requirements are addressed earlier in the software development lifecycle (shifting left) In practice, this involves executing the Unified Control Framework (UCF) strategy by contributing to its governance and roadmap definition, driving core regulatory compliance through NIS2 control mapping and refinement, and institutionalizing proactive risk management by designing reports on controls health.

Furthermore, this includes identifying and implementing pragmatic automation and AI‑assisted improvements to accelerate analysis speed and bolster overall control quality.

Key

Responsibilities and Duties:
  • Lead and support assessments of new and evolving regulatory or framework requirements, including NIST 2.0, NIS2, DORA, EU AI Act and other relevant cyber or technology compliance requirements, and determine how  should respond.
  • Build, maintain, and improve the Unified Control Framework by mapping requirements to internal policies, standards, assets, control objectives, and existing controls, with a strong focus on reuse, coherence, and reducing duplication.
  • Translate regulatory requirements and external recommendations into clear, practical, testable control descriptions with defined ownership, execution expectations, evidence requirements, and monitoring logic.
  • Collaborate with Risk Partners, control owners, domain experts, policy owners, and other stakeholders to align on control design, applicability, remediation needs, and implementation priorities.
  • Support Shift Left and Security NFR initiatives by ensuring that risk and control requirements are considered earlier in the SDLC and reflected in reporting, adoption logic, and risk insights.
  • Contribute to governance, reporting, and continuous improvement activities that help the business understand compliance posture, risk exposure, and control effectiveness more clearly.
  • Identify pragmatic automation or AI‑enabled opportunities that can reduce manual effort, improve review velocity,…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary