Job description
Are you an experienced and strategic leader with a strong passion for IT Governance, Risk & Compliance? And are you ready to take the lead in our IT integration program for newly acquired or soon-to-be-acquired companies? Then we are looking for you!
Step into the role of Head of IT GRC
As the Head of IT GRC within Normec, you are the authority and strategic driving force behind IT Governance, Risk & Compliance. You report directly to the Group CISO of Normec and are responsible for creating and maintaining a secure, compliant and resilient IT environment. You work closely with various departments within the organisation, including IT Operations, Security, Legal and Management.
Next to this you will:
Develop and implement a comprehensive IT GRC strategy and roadmap that aligns seamlessly with business objectives and regulatory requirements.
Lead the identification, assessment and mitigation of IT-related risks. You manage the IT risk register, monitor the effectiveness of mitigation measures and proactively report to management. Knowledge and experience with COSO SRA and COBIT IT controls is required.
Ensure compliance with relevant regulations such as NIS2, GDPR, ISO 27001 and others. You coordinate internal and external IT audits and oversee the follow-up of findings.
Develop, implement and maintain IT-related policies, procedures and standards, ensuring they are effective and efficient.
From the initial acquisition phase, you assess IT risks, IT compliance and IT maturity of potential acquisitions. You create a roadmap and coordinate the implementation of required improvements for seamless integration.
Communicate effectively with senior management, board members and external auditors regarding the status of IT GRC activities, risks and compliance.
Our offer
A yearly salary up to 108K gross, based on a 40-hour work week, including holiday pay.
25 days of annual leave.
Hybrid working possibilities.
A collective pension scheme with 50% of the premium paid by us.
Plenty of opportunities for growth and development.
A dynamic environment where your expertise genuinely shapes our security posture.
Your profile
A completed bachelor's or master's degree in IT, Cybersecurity, Business Administration (with IT focus), IT Auditing or a comparable relevant field.
At least 5 years of relevant experience in IT GRC.
Extensive knowledge and experience with IT GRC frameworks and standards (such as ISO 27001, GDPR, NIST, COBIT etc.).
Relevant certifications such as CISA, CISM, CRISC, CISSP or equivalent (required).
Experience selecting and implementing GRC software solutions such as Trustcloud is an advantage.
A proactive attitude, resilience and the ability to thrive in a dynamic environment.
At least fluent in English and living in The Netherlands.
Your new workplace
At Normec Holding (our headquarters) you will join an open, informal and collaborative environment where initiative is encouraged and expertise truly matters. We are a fast-growing organisation with a dynamic pace, ideal for someone who enjoys variety, ownership and continuous evolution in their this role you will work at least 2 to 3 days per week from our office in Utrecht, combining focus time at home with meaningful collaboration on site.
About Normec
Normec is a trusted leader in the Testing, Inspection, Certification and Compliance (TICC) industry. Our expertise spans critical areas such as water, air and soil quality, fire and food safety, ensuring the highest standards of quality and security across diverse industries. Established in 2016, Normec is an ambitious, independent and rapidly growing organisation.
We offer our team members the opportunity to contribute to our mission while developing their careers in a dynamic, fast-paced environment, creating impactful solutions for clients and a sustainable tomorrow. The essence of Normec's culture, characterized as informal, open, dynamic and ambitiously entrepreneurial, is rooted in our foundational GROWTH principles. These are embedded in The Normec Fit programme, which ensures that not only our company grows but also everyone who is part of it.
Interested? Let's talk!
For questions or more information please contact Maureen Ensink via
We look forward to receiving your application.
Unsolicited contact from recruitment agencies is not appreciated and will not receive a response.
Required Experience:
Director