Risk Compliance Officer jobs at Booking in Netherlands, Amsterdam

Key Responsibilities

• Business Acumen:
• Maintain a fundamental understanding of the Booking.com business, industry news and risk best practices and apply that knowledge in the context of your core areas of responsibility.
• Critical Thinking:
• Identify and design solutions in a wide range of situations, and proactively propose concrete improvement plans.
• Objective Setting, Prioritization & Task Management:
• Independently structure and execute work, decide on priority areas and output fitting the overarching objectives and priorities. Deliver in line within agreed timelines and escalate issues to the appropriate level and roles within the organization where needed.
• Attention to Detail:
• Produce high quality, accurate output across a broad range of topics, with limited review and oversight required.
• Result Orientation:
• Work independently and proactively to deliver the right results for specific objectives and deliverables in line with personal and company values whilst influencing stakeholders in order to meet timelines and prioritize critical activities.
• Effective Communication & Presentation Skills:
• Effectively and clearly communicate and present information relating to core responsibilities, tailor messages and explain (technical) concepts to stakeholders.
• Facilitate cross-functional discussions.
• Organize and run larger meetings in a clear, structured and outcome-oriented manner.
• Stakeholder Management & Influencing:
• Independently identify, develop and grow relationships with key stakeholders to build and maintain a wide network within the coverage area, mostly at mid-level but also including key senior stakeholders for a bilateral flow of information.
• Align with stakeholders on impact beyond their team, respectfully challenging and influencing others to assume appropriate roles and responsibilities by adopting stakeholder management and influencing techniques.
• Confidently and independently navigate tricky discussions, incorporating Manager input around escalations, approach or blockers where needed.
• People Management:
• Provide constructive feedback to peers and incorporate received feedback into personal development goals.
• May provide mentoring and task oversight to more junior staff or external consultants.
• Support hiring process.
• Operational & Technical Expertise:
• Apply a comprehensive understanding to processes, systems and/or products within your coverage area.
• Display general understanding of the impact on the wider process and/or system landscape.
• Seek manager input for in-depth expertise.
• Risk Landscape Awareness:
• Maintain awareness or knowledge of the broader internal risk landscape across one or more business areas as well as external developments.
• Adopt a business need centric and user friendly approach to influence business stakeholders to take informed decisions in line with the risk capacity, risk appetite and risk tolerance of Booking.com.
• Risk & Governance Advisory:
• Provide input to the development of methodologies throughout the risk management lifecycle.
• Advice stakeholders in ongoing risk and compliance work within your dedicated area(s).
• Risk Identification & Assessment:
• Identify and appropriately assess risks in line with the team's frameworks and methodologies.
• Document risk assessment outcomes, including clear description of the risk, perceived level of risk and considerations for risk treatment, tailored to the topic at hand, with limited guidance and review required.
• Risk Treatment:
• Independently support control design and/or assurance activities and work with control owners to prepare controls for approval.
• Coordinate audit activities including support to close any control deficiencies identified.
• Work across teams/projects/BUs and ensure risks are appropriately mitigated.
• Develop, select and implement risk treatment strategies, proposing alternative risk treatment options where needed.

Communication.Stakeholder

• Process/Control owners (combination of directors, managers, team leaders and individual contributors)
• Subject Matters Experts (SME's) e.g. Finance, Fintech, Fraud, Legal, Security, etc.
• Other Internal stakeholders in Accommodations (i.a. CS, PS, Product), Trips, Finance, FinTech, Legal, Marketing, People, Strategy and Corporate Development and Technology (i.a. Security, Infrastructure)
• Internal & External Audit
• Risk & Control team

Communication.Type

• Persuasion / CooperationPartner with business stakeholders by: providing guidance and support in ongoing compliance;providing guidance and support in identifying risks and control gaps and, designing and implementing appropriate controls;providing clear instructions on expected stakeholder contributions and ensure follow up;facilitating and participating in cross functional groups for activities related to the risk management lifecycle;presenting and advising on standardized methodologies, processes and documentation;maintaining a business centric approach.
• Information and CooperationInform SMEs on:risk areas in need of SME input;control design and implementation;work closely together to share knowledge and experience.
• CooperationWork closely together to share knowledge and experience.
• Cooperation Support Internal and External audit teams to ensure that remediation plans are implemented on a timely basis for any deficiencies foundSupport SOX, PCI and other audit cycles
• Information and CooperationWork closely together to share knowledge and experience.

Communication.Frequency

• Continuous
• Continuous
• Continuous
• Continuous
• Continuous

Level of Education.Level of Education

• Bachelor degree
• Master degree

Level of Education.Description

• Alternatively compensating years of experience (3 to 5 years in addition to below)
• Preferred

Years of relevant Job Knowledge.Years of relevant Job Knowledge

• Advanced Knowledge (5 - 8 years)

Requirements of special knowledge/skills

• Qualities / Soft Skills:
• Enthusiastic, self-starting and flexible work attitude
• Ability to effectively prioritize and manage workload, work under pressure and deliver on timelines
• Handle multiple tasks, of varying and often complex content, generally at the same/similar time
• Have the ability to split large tasks into logical, manageable and decoupled actions which are managed effectively and delivered on time
• Strongly process, problem solving and action oriented
• Curious and proactive in the assessment and challenge of risks
• Strong team player
• Advanced communication skills and ability to actively listen
• Strong relationship building skills
• High level of integrity, confidentiality & professionalism
• Requirements of special knowledge/ Hard Skills:
• Advanced (technical) understanding of and experience with Risk Management, Compliance, Internal controls , control procedures, automation, monitoring, testing, collecting evidence and remediation activities
• Experience with large e-commerce or tech companies is advantageous
• Fluent in English, both written and spoken
• CISSP, CRISC, CISM, CISA, or similar certification is advantageous
• Project management skills
• Stakeholder management skills
• For Business Officer functions:
• Advanced understanding of and experience with risk management relevant fields, for example but not limited to:
• Business analysis
• Auditing
• Corporate governance
• Finance concepts and processes
• SOx integration
• AML/ CFT framework, GDPR, PCI, SOx
• Fundamental understanding of below IT expertise fields.
• For IT Officer functions:
• Advanced understanding of and experience with risk management relevant fields, for example but not limited to:
• IT Risk management and IT Governance
• IT Security concepts and processes
• (IT) Frameworks like ITGC, COSO, NIST
• DevOps tools like Puppet, Jenkins, Git, Docker, or Kubernetes
• JIRA
• Fundamental understanding of above Business expertise fields.

If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.

• Assist in the development and leading of regular security training/awareness programs to train and educate risk owners and the broader organization on internal controls and security topics.
• Co-Lead/ support the processes of maturity assessments (cyber, fraud, T&S) and recommendations follow up
• Coordinate the follow up of audit and internal assessment security issues; Monitor and report the status of remediation plans; assess remediation progress and challenge management on the selected approach and prioritization.
• Co-Lead/ support the process of SS&F risk register update including the maintenance of the SS&F risk definition
• Support the IT policy lifecycle management including the design, implementation and adoption of policies, standards and guidelines in the areas of SS&F.
• Manage security exceptions to IT policies and standards.
• Stay flexible to meet the dynamic business needs, while maintaining robust solutions that strengthen the control environment.

• Bachelor’s degree required in technology, computer science or a related field
• CISA, CISSP, CISM, CEH, CIPP/E or related certification.
• 5-7 years work experience in business analysis, information security processes, auditing, corporate governance, risk management, internal controls, security awareness programs.
• Ability to develop solid relationships with business partners in order to drive the adoption of the risk management culture.
• Strong program management and stakeholder engagement skills.
• Thorough technical understanding of SS&F internal control requirements and design and experience in applying them in various businesses.
• Able to split large tasks into logical, manageable and decoupled actions which are managed effectively and delivered on time.
• Be flexible and agile in response to the change in business, change in stakeholder expectations and/or change in regulatory/operating environment of .
• Good understanding of IT Control and cybersecurity Frameworks, such as COBIT; ISO 27001 and NIST CSF / SP 800-53.
• Strong independent contributor, while still a strong team player

Total Reward Philosophy:

• The benefits and perks offered by the company can be .

Career Development Opportunities:

• Learn more about here.

• and benefit from a mentoring relationship with a more experienced person to help you identify and achieve your professional and personal development goals.

• personalized one-to-one coaching with our internal coaches.

If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.

Role Description:

As a Senior Data Engineer, you’ll collaborate with top-notch engineers and data scientists to elevate our platform to the next level and deliver exceptional user experiences. Your primary focus will be on the data engineering aspects—ensuring the seamless flow of high-quality, relevant data to train and optimize content models, including GenAI foundation models, supervised fine-tuning, and more.

Key Job Responsibilities and Duties:

• Rapidly developing next-generation scalable, flexible, and high-performance data pipelines.

• Dealing with massive textual sources to train GenAI foundation models.

• Solving issues with data and data pipelines, prioritizing based on customer impact.

• End-to-end ownership of data quality in our core datasets and data pipelines.

• Experimenting with new tools and technologies to meet business requirements regarding performance, scaling, and data quality.

• Providing tools that improve Data Quality company-wide, specifically for ML scientists.

• Providing self-organizing tools that help the analytics community discover data, assess quality, explore usage, and find peers with relevant expertise.

• Acting as an intermediary for problems, with both technical and non-technical audiences.

• Promote and drive impactful and innovative engineering solutions

• Technical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences, and active community participation

• Collaborate with multidisciplinary teams: Collaborate with product managers, data scientists, and analysts to understand business requirements and translate them into machine learning solutions. Provide technical guidance and mentorship to junior team members.

Qualifications & Skills:

• Bachelor’s or master’s degree in computer science, Engineering, Statistics, or a related field.

• Minimum of 6 years of experience as a Data Engineer or a similar role, with a consistent record of successfully delivering ML/Data solutions.

• You have built production data pipelines in the cloud, setting up data-lake and server-less solutions; ‌ you have hands-on experience with schema design and data modeling and working with ML scientists and ML engineers to provide production level ML solutions.

• You have experience designing systems E2E and knowledge of basic concepts (lb, db, caching, NoSQL, etc)

• Strong programming skills in languages such as Python and Java.

• Experience with big data processing frameworks such, Pyspark, Apache Flink, Snowflake or similar frameworks.

• Demonstrable experience with MySQL, Cassandra, DynamoDB or similar relational/NoSQL database systems.

• Experience with Data Warehousing and ETL/ELT pipelines

• Experience in data processing for large-scale language models like GPT, BERT, or similar architectures - an advantage.

• Proficiency in data manipulation, analysis, and visualization using tools like NumPy, pandas, and matplotlib - an advantage.

• Experience with experimental design, A/B testing, and evaluation metrics for ML models - an advantage.

• Experience of working on products that impact a large customer base - an advantage.

• Excellent communication in English; written and spoken.

Booking.com’s Total Rewards Philosophy is not only about compensation but also about benefits. We offer a competitive , as well unique-to-Booking.com benefits which include:

• Annual paid time off and generous paid leave scheme including: parent, grandparent, bereavement, and care leave

• Hybrid working including flexible working arrangements, and up to 20 days per year working from abroad (home country)

• Industry leading product discounts - up to 1400 per year - for yourself, including automatic Genius Level 3 status and Booking.com wallet credit

Application Process:

• Let’s go places together:

• This role does not come with relocation assistance.

If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.

Our key focus areas include:

• Compliance platform: Leverages state-of-the-art technology to execute comprehensive sanctions screening across multiple dimensions.

• Screening & Monitoring: Develop and implement systems to screen partners/customers data, transactions, and business relationships.

• Risk Identification & Mitigation: Identify potential risks, flag suspicious activities, and collaborate with compliance teams to resolve them effectively.

• Regulatory Reporting: Ensure adherence to international regulations by generating accurate, timely reports for regulators and stakeholders.

• Technology Enhancement: Continuously improve algorithms and tools to enhance screening accuracy, reduce false positives, and streamline workflows.

Role Description

A Senior Software Engineer owns the end-to-end execution of technical elements in the Booking.com tech stack, products and processes. They are responsible for the implementation of complex technical solutions based on business requirements, they can accurately estimate or forecast the effort and impact of the items they work on, and show a high quality of craft in what they deliver. Senior Software Engineer is expected to work together with colleagues in other job roles to design, prioritize and implement complex technical tasks. Senior Software Engineer is expected to coach and mentor more junior engineers and be a thought leader in their team ensuring best practices are being implemented.

Key Job Responsibilities and Duties

• Leading the design of complex systems, ensuring scalability, maintainability, and high performance. Making architectural decisions that align with business requirements and technical constraints.

• Providing guidance and mentorship to junior and mid-level engineers. Conducting code reviews, sharing best practices, and helping develop the technical skills of the team.

• Writing clean, maintainable, and efficient code. Ensuring code quality by implementing tests and adhering to coding standards and design patterns.

• Working closely with cross-functional teams, including product managers, and other engineering teams, to align technical development with business goals.

• Staying up-to-date with the latest technologies and best practices. Actively contributing to improving processes, performance, and technical solutions. Driving innovation within the team or organization.

• Minimum of 6 years of software development with extensive architectural design experience and guiding teams; using 2 or more server-side programming languages. Experience with Java is a must

• Experience with micro-services is a must

• Experience with building highly scalable distributed systems and batch processing pipelines with a focus on data integrity

• Experience with multiple data storage technologies, Relational (MySQL) and NoSQL

• Experience with AWS (DynamoDB, RDS, Glue, EC2) is a plus.

• Experience with unit, integration, and end-to-end testing paradigms

• Experience with defining and upholding SLOs/KPIs and participating in architecture reviews for systems

• Experience with Regulation, compliance policies is a plus

• Past experience with payments or FinTech is a plus

• Experience with security challenges for authentication and authorization

• Experience of working on products that impact a large customer base and have a company-wide impact.

• Experience in working with teams, colleagues spread across geographical locations is a plus.

• Preferably a university degree in Software Engineering, Computer Science or similar

• Excellent communication; written and spoken

Booking.com’s Total Rewards Philosophy is not only about compensation but also about benefits. We offer a competitive , as well unique-to-Booking.com benefits which include:

• Annual paid time off and generous paid leave scheme including: parent, grandparent, bereavement, and care leave

• Hybrid working including flexible working arrangements, and up to 20 days per year working from abroad (home country)

• Industry leading product discounts - up to 1400 per year - for yourself, including automatic Genius Level 3 status and Booking.com wallet credit

• Contributing to a high scale, complex, world renowned product and seeing real-time impact of your work on millions of travelers worldwide;

• Working in a fast-paced and performance driven culture;

• Opportunity to utilize technical expertise, leadership capabilities and entrepreneurial spirit

• Promote and drive impactful and innovative engineering solutions

• Technical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation

• Need more flexibility in your work week? We are happy to consider part-time, and reduced working week opportunities* (min. 32 hours per week, subject to terms and conditions)

Application Process

• Let’s go places together:

• This role does not come with relocation assistance

If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.

You’ll work closely with colleagues across data, commercial, and finance—bringing together technical insight and commercial thinking in a fast-paced, collaborative environment. It’s an opportunity to apply your insurance background in a new context, with real influence and meaningful outcomes.

Role Description:

We're looking for an experienced Insurance Actuarial Risk Manager who will lead the design and oversight of risk costing, monitoring, stress testing, and risk transfer for all protection products globally. To act as the accountable owner for core loss-ratio KPIs and the interface with senior stakeholders, brokers, and governance forums

Key Job Responsibilities and Duties:

Risk Costing & Modelling

• Lead development of risk costing methods for protection products (e.g. CFAR, Property Damage, etc)

• Own assumptions, costing logic, and governance for limits and adjustments

• Validate ML (machine learning) outputs with interpretable frequency × severity frameworks

• Supervise associate model validation and documentation

Monitoring & Stress Testing

• Define and oversee monitoring suite (loss triangles, CAT exposure dashboards)

• Own stress test design and escalation thresholds

• Lead reporting to risk governance forums

• Present findings with recommendations

Reinsurance & Capital Strategy

• Design retention strategy, advises on stop-loss/captive needs

• Lead engagement with brokers, reinsurers, and finance

• Write risk transfer committee papers and capital implications justifications

Governance & Process

• Drive model governance, assumptions documentation, version control

• Lead internal audit prep and methodology reviews

• Co-chair exposure/financial risk governance meetings

Stakeholder Engagement

• Partner with Commercial, Finance, and Data Science to align on cost and exposure

• Represent risk in cross-functional forums and leadership updates

• Translate technical findings into actionable product guidance

Leadership & Development

• Designs and leads a small, high-impact risk function focused on protection products

• Manage, mentor, and develop junior team members, setting clear goals and delivering structured feedback

• Shape team operating model, ways of working, and hiring profiles to support growth and scalability

• Champion a proactive, scalable risk culture across cross-functional stakeholders

Qualifications & Skills:

Technical Skills

• Strong command of GLMs, credibility theory, and scenario modelling

• Comfortable interrogating black-box ML outputs and combining with actuarial logic

• Solid SQL and Excel skills; experience translating models into frameworks

Risk Transfer Exposure

• Experience in reinsurance or captive structuring

• Able to lead broker/partner negotiations and evaluate cost-benefit trade-offs

Process & Governance

• Passion for documentation, transparency and auditability

• Owns model version control, governance process, and risk audit readiness

Cross-Market Exposure

• Experience operating across jurisdictions and adapting to different market practices

• Confident navigating multi-stakeholder settings

Communication & Influence

• Able to explain technical assumptions and outcomes to executive and non-technical stakeholders

• Proven track record working cross-functionally in commercial settings

Ownership & Impact

• Operates independently, sets strategic direction, accountable for outcomes

• Confident in building and defending business cases

Mindset & Behaviours

• Self-starter, entrepreneurial and proactive

• Risk minded with strong business judgement and commercial understanding

• Thrives in fast-paced, ambiguous environments

Education & Knowledge

• Bachelor's degree

• Fully qualified actuary (FIA, ASA/ACAS, or equivalent)

• CFA/FRM with strong quantitative focus also considered

• 10-15+ years in insurance pricing, reserving or portfolio analytics

• Exposure to travel, P&C, warranty or affinity lines

Booking.com’s total rewards philosophy is not only about compensation but also about benefits. Our rewards are aimed at making it easier for you to experience all that life has to offer — all the messy, beautiful, and joyful bits — on your terms. So you can focus on what really matters. We offer competitive compensation as well as thoughtful, valuable, and even fun benefits which include:

• A great, brand new office to in the heart of Amsterdam

• 29 days’ paid holiday plus bank holidays

• On-site meals, coffee, and snacks, including healthy and vegan options

• Health & well-being benefits such as mental health support, access to health insurance, etc.

• Employer contribution pension

• Industry-leading parental leave and adoption leave

• From day one of your employment with us, we offer 22 weeks’ fully paid leave for all new parents, regardless of gender or the way you become a parent

• Great discounts on accommodation, car rentals and other group benefits

• Carer’s leave. 10 days’ fully paid leave per year for colleagues who are caring for ill family members.

• Hybrid Working (NL): We believe in office attendance at least 40% of your time whilst empowering you with the flexibility to plan where to do your best work

If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.

Role Overview

Business Operations at Booking.com is the glue to help it function in the most efficient way possible and with the customer focus at its core. It helps teams to connect the dots and effectively navigate the internal Booking.com organization, the work that is being done, and how it aligns with outcomes towards our Mission, Vision, and Strategy.

• This would be c.75% of the role, both as an individual contributor and working with 1 direct report and several peers to lead and execute Trips BU Business Operations

The Senior Program Manager element of the role is responsible for the governance and active program and / or portfolio management of highly complex programs linked to our company and department strategy & objectives.In this role, the Senior Program Manager will be exposed to very Senior Stakeholders (eg. Leadership team) and working closely with their teams. The Senior Program Manager will also actively contribute to establish and maintain the PM craft within

• This would be c.25% of the role, line-managing, deploying and overseeing a team of 3 program and (sr) project managers operating on different projects across the BU

Key Job Responsibilities and Duties

Business Operations:

• Design, implement and/or execute thoughtful, yet simple, processes to increase efficiency and productivity. Drive the optimization of business operations by driving adoption of standardized and possibly more automated processes across the department to increase efficiency and effectiveness while also simplifying where possible
• Support setting the vision, objectives, budget and planning of execution for the department. Effectively lead the adoption of Corporate planning and governance processes through all the different phases, including driving and facilitate cross departments handshakes and dependencies planning process
• Define, execute and manage the rhythm of the business working closely with the Department Leadership Team, ensuring an effective adoption of Corporate cadence ((eg. Quarter Operational Reviews, Strategic Portfolio Management tracking, Planning and Budget, etc) and an efficient governance of the Department. Ideate and implement a cross departmental engagement model to effectively run shared objectives where it is relevant
• Actively manage the Department internal governance (such as OKRs, QPRs, etc) providing insights and recommendations to the Department LT for future evolution of the Trips operating model. Initiates and leads projects aligned to (improve) scorecard KPIs.
• Lead the cross-functional collaboration efforts among various teams, departments, and stakeholders. Acts as a central point of contact, streamlining processes, fostering teamwork, and driving operational efficiency for the governance with the other departments contributing to Trips priorities and objectives.
• Line manage 1 business ops associate - appropriately supporting, challenging and directing them
• Work closely with our 5 Strategy & Operations managers, pulling together the 5 Trips verticals into a coherent operating model. These team members are responsible for busops in the sub-departments of Trips, so effectively have a ‘dotted line’ relationship to this role, who is responsible for departmental-wide business ops.

Program Management:

• Lead (a portfolio of) highly complex strategic or critical programs (e.g. complex change / transformational /M&A initiatives within the function and organisation).
• Lead by example on Project & Program management craft best practices and behaviours. Provide thought leadership, advice & support on Program Management including setting high quality standards both within the department as well as influence outside.
• Lead a team of (senior) project / program managers in a successful way.
• Lead (change) transformations, integrations or mergers & acquisitions from a program management perspective
• Leads the budget and planning cycle - including prioritization exercise - in collaboration with functional leaders within and outside department

Role Qualifications and Requirements

• Independently use quantitative and qualitative data to drive decision making and lead by example
• Be a role model of "Winning together" value. Building and maintain lasting relationships and connections with diverse teams, across the organization and outside
• Strong leadership skills, ability to influence and steer leadership and senior management. Ability to influence VP level and productively interact with SVP level
• Ability to break up highly complex problems into actionable and easy to understand solutions
• Able to function well within ambiguity and in a constantly changing environment
• Ability to think strategically and connect dots where others have a limited view; able to identify challenges and opportunities and drive solutions/actions recommendations and follow up.

Business Ops:

• Craft skills: Strong process management and problem solving skills including experience with project / change management approaches and phases. Preferably having a solid data and insights analytical skills, comfortable in facilitating effective governance and business as usual initiatives
• Change management experience (including methodologies and best practices)
• Exemplary role in effective communication, including “embracing change/ growth” mindset. Encourages people to become change agents & embrace change. Explicitly communicates: why change, what will change, how, when, where and whom it impacts (with possible outcomes and costs). Adjusts communication style to the audience to help them understand and accept the change
• Highly organized and structured and make sure all processes run smoothly and in a reliable manner. Able to envision and design effective tools and resources to drive process optimization
• Be able to design and implement processes which aims to improve our internal partners needs and expectations

Program Management:

• 8-12 years of related experience in project management in a complex environment. PMP or similar certification preferred.
• 8+ years of proven record in having led and managed all facets of complex programs in large multinational/matrix organisations, using a range of different methodologies and techniques.
• Prior history of managing Program / Project Managers

Booking.com’s total rewards philosophy is not only about compensation but also about benefits. Our rewards are aimed at making it easier for you to experience all that life has to offer — all the messy, beautiful, and joyful bits — on your terms. So you can focus on what really matters. We offer competitive compensation as well as thoughtful, valuable, and even fun benefits which include:

• A great, brand new office to in the heart of Amsterdam

• 29 days’ paid holiday plus bank holidays

• On-site meals, coffee, and snacks, including healthy and vegan options, daily

• Health & well-being benefits such as mental health support, access to health insurance, etc.

• Employer contribution pension

• Industry-leading parental leave and adoption leave

• From day one of your employment with us, we offer 22 weeks’ fully paid leave for all new parents, regardless of gender or the way you become a parent

• Great discounts on accommodation, car rentals and other group benefits

• Carer’s leave. 10 days’ fully paid leave per year for colleagues who are caring for ill family members.

• Hybrid Working (NL): We believe in office attendance at least 40% of your time whilst empowering you with the flexibility to plan where to do your best work, as well as up to 20 days per year to Work from Abroad* (subject to terms and conditions)

If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.

Role Description

The IT Risk & Compliance Officer is responsible for partnering with risk owners throughout the Tech business function and other business units to design and maintain internal controls in line with our risk appetite and to maintain the quality of our processes. The role requires to work closely with stakeholders from multiple departments and to have a strong big picture focus, but be able to zoom in and out of the details to ensure full process understanding. Responsibilities and skills required for the IT Risk Officer role are tightly linked to the Capability Area they work for, in Risk Management (focus on risk identification, analysis and treatment), Risk Governance & Project Management (focus on policy governance), or Third Party Risk Management & Customer Trust (focus on 3rd party risk). The IT Risk & Compliance Officer role requires solid stakeholder management skills, and to be comfortable with challenging risk owners to come up with robust, scalable solutions which mitigate key risks while enabling successful business operations.

Key Job Responsibilities and Duties

R&C officers ensure adherence to regulations, internal policies, and industry best practices. This includes, but is not limited to:

• Risk Management Support risk owners to design controls that mitigate any relevant risks all the way through to implementation and monitoring.

• Provide advice on control design that is both sustainable and right sized (i.e. a simple solution for a simple problem, no overengineering).

• Coordinate new requests from the business functions and units for support with controls.

• Participate in sprint planning sessions from development teams to support risk identification, assessment and treatment during the development lifecycle.

• Assist in the development and leading of regular training/awareness programs to train and educate risk owners on internal controls topics.

• Stay flexible to meet the dynamic business needs, while maintaining robust solutions that strengthen the control environment.

• Risk Governance & Project Management Support the IT policy lifecycle management including the design, implementation and adoption of policies, standards and guidelines in the areas of cybersecurity, privacy and regulatory compliance.

• Build knowledge of internal controls, systems and process landscape to enable clear understanding of impact from IT policies and standards.

• Manage exceptions to IT policies and standards.

• Third Party Risk and Customer Trust Conduct third-party due diligence.

• Perform privacy and information security risk assessments at third parties. Identify opportunities to position data privacy and security not just as a risk management issue, but as a potential source of competitive advantage improving brand-building and corporate reputation.

• For specific documentation and guidelines, please refer to the Booking R&C Resource Center.

MySQL R&C Officer Specific Responsibilities

In addition to general R&C duties, the MySQL R&C Officer has the following specific responsibilities:

• Level 1 Operations and Control Execution

  • Being actively engaged in Level 1 operations.

  • Running and executing controls directly, rather than just reviewing them.

  • Ensuring the effectiveness of controls in real-time operations.

• Audit and Deficiency Management

  • Serving as the primary contact point for all internal and external audits related to MySQL.

  • Managing the response to audit findings and deficiencies.

  • Implementing corrective actions and tracking remediation efforts.

• Change Management

  • Overseeing changes in narratives as requirements and platform changes evolve.

  • Ensuring that documentation is updated to reflect current practices and requirements.

  • Coordinating with various teams to implement and validate changes.

• Compliance Ticket Management

  • Monitoring all compliance-related tickets for the MySQL teams.

  • Collecting evidence, and closing tickets that have been resolved.

  • Providing regular reminders to individuals with open tickets to ensure timely resolution.

• Backlog Management and Continuous Improvement

  • Maintaining a backlog of potential improvements for controls and processes.

  • Identifying and proposing solutions to avoid future deficiencies.

  • Working with the team to prioritize and implement backlog items to enhance overall compliance.

Role Qualifications and Requirements

• Bachelor degree

• Broad Job Knowledge (3 - 5 years) work experience in business analysis, auditing, corporate governance, risk management or internal controls.

• Ability to develop solid relationships with business partners in order to drive the adoption of the risk management culture.

• Thorough technical understanding of internal control requirements and design and experience in applying them in various businesses.

• Able to split large tasks into logical, manageable and decoupled actions which are managed effectively and delivered on time.

• Be flexible and agile in response to the change in business, change in stakeholder expectations and/or change in regulatory/operating environment of B.com.

• Strong independent contributor, while still a strong team player.

Booking.com’s Total Rewards Philosophy is not only about compensation but also about benefits. We offer a competitive , as well unique-to-Booking.com benefits which include:

• Annual paid time off and generous paid leave scheme including: parent, grandparent, bereavement, and care leave

• Hybrid working including flexible working arrangements, and up to 20 days per year working from abroad (home country)

• Industry leading product discounts - up to 1400 per year - for yourself, including automatic Genius Level 3 status and Booking.com wallet credit

• Living and working in Amsterdam, one of the most cosmopolitan cities in Europe

• Contributing to a high scale, complex, world renowned product and seeing real-time impact of your work on millions of travelers worldwide

• Working in a fast-paced and performance driven culture

• Opportunity to utilize technical expertise, leadership capabilities and entrepreneurial spirit

• Promote and drive impactful and innovative engineering solutions

• Technical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation

• Competitive compensation and benefits package and some great added perks of working in the home city of Booking.com

Application Process:

This section should provide:

• Let’s go places together:

• This role does not come with relocation assistance.

If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.