Consultant IT Risk & Control Europe

As a Consultant IT Risk & Control Europe, you will play a key role in strengthening IT risk management and control practices across all EU Brands.

This is a senior, advisory-oriented position in which you will independently lead IT risk assessments, evaluate control design and operating effectiveness, and act as a trusted partner to Business, IT, and Information Security teams.
Beyond assurance work, this role has strong impact on strategy: you will support teams in preparing for audits, contribute to major IT initiatives, and challenge stakeholders to elevate their risk maturity.
You will also drive data‑driven improvements, automation use cases, and continuous enhancement of control processes.

About Ahold Delhaize

We’re Ahold Delhaize, one of the world’s largest food retail groups and a leader in supermarkets and e‑commerce. With strong local brands across Europe, the United States, and Indonesia, we help people eat well, save time, and live better every day.
We offer a dynamic and international environment where our people grow, contribute, and thrive. Innovation, collaboration, and continuous improvement define how we work and the value we strive to deliver to millions of customers worldwide.

Your new work environment

As a Consultant IT Risk & Control Europe, you will join our international IT Risk & Controls (R&C) community, supporting all EU Brands. Our mission is to be a trusted advisor in IT Risk Management — not only performing assurance activities but guiding teams on audit readiness, partnering with IT and Information Security stakeholders, and contributing to strategic IT and risk initiatives.

You will collaborate closely with colleagues across Serbia, Belgium, and the Czech Republic. This role offers broad exposure to all IT and InfoSec domains, systems, and operating models, allowing you to build deep expertise while driving tangible impact across the EU technology landscape. Continuous learning, international collaboration, and meaningful influence are at the core of this

As a Consultant IT Risk & Control Europe, you will:

• Perform and challenge IT risk assessments, and lead control scoping activities
• Provide expert judgment on control design & operating effectiveness
• Challenge the adequacy and sustainability of existing controls
• Advise Business, IT, ISO, and R&C teams on risk‑based remediation and improvements
• Lead analytics and automation initiatives in the control monitoring process
• Drive continuous improvement of data‑driven controls
• Act as a trusted advisor to stakeholders across EU Brands
• Proactively challenge risk mitigation approaches and support maturity growth
• Support teams during internal and external audit engagements
• Contribute to harmonizing control practices across R&C teams
• Independently perform control reviews, documentation, and follow‑ups
• Reference: LZ4u9v2npDpYf6XD-3Tkz_K7qMaIBLOSUXjagu3N2trpt6Iu33oqy29MB0zUO3Hk

Requirements:

• Minimum 5 years in IT Audit, IT Advisory, or IT Risk Management (experience with ITGCs, automated controls, application controls)
• Structured & organized
• Methodical working style, strong attention to detail
• Risk‑oriented mindset
• Understands the purpose of controls; curious about IT/IS risks and business impact
• Eager to deepen technical knowledge
• Constructive & collaborative partner
• Able to challenge and advise stakeholders constructively
• Strong team mindset, supportive, solution‑oriented
• Clear communicator
• Ability to simplify complex observations
• Strong documentation and reporting skills
• Proactive & eager to learn
• Takes initiative, leads improvements
• Open to giving and receiving feedback

Required Certifications:

(One or more from the list below)

• CISA, CRISC (ISACA)
• ISO 27001 Lead Implementer or Lead Auditor
• ISO/IEC 42001:2023 Lead Implementer or Lead Auditor
• Certified Ethical Hacker (CEH)
• COBIT 5
• SCRUM
• PRINCE2
• ITIL

Who You Will Work With: You will collaborate with a diverse, international network including:

• IT R&C EU Team (7 members across CZ, BE, RS)
• MAX R&C Team (SB) – Business Risk Management
• Global UAR Team (SB) – Access Management
• Business, IT, InfoSec, and other Risk & Compliance teams (US, EU, Group)

The role reports to stakeholders across EU locations (remote collaboration).

Selection Process: Here’s what you can expect during our selection process:

1. Online testing:
   You will complete a short assessment focused on work preferences, planning and organizational skills.
2. HR interview:
   A conversation with our Talent Acquisition team to get to know you, your experience, and your motivation for the role.
3. Final interview:
   A meeting with the Hiring Manager and selected team members to discuss your expertise in IT Risk & Controls and answer any questions you may have.
4. Optional:
   An in‑person conversation with members of the local Risk & Control team depending on availability and process needs.

What’s in it for you?

Aside from what we ask of you in this role, we offer a motivating and supportive environment where you can grow your expertise and advance your career. You can expect a wide range of development opportunities, including exposure to multiple EU brands, cross‑functional collaboration, and access to diverse IT and InfoSec domains.

You will work in a flexible and modern setup, with a hybrid working model and the ability to organize your schedule through flexible working hours. This role also brings the opportunity to collaborate with international teams, contribute to strategic IT initiatives, and build deep knowledge in IT risk management and controls.

Plus:

• Minimum 26 days of paid annual leave
• Indefinite employment contract
• Private health insurance
• Hybrid working model (we encourage an average of 3 days a week in the office)
• Flexible working hours
• 20 additional MAXI Benefits