Senior Information Security Officer

Description:

As a Senior Information Security Officer, you have over 5 years of experience in designing and implementing cyber and information security architecture.

Key Responsibilities:

• Provide cyber and information security advice for innovative projects and initiatives.
• Screen applications, processes, and suppliers to ensure compliance with security standards.
• Participate in maturity assessments and contribute to risk management by drawing up action plans.
• Collaborate with management and IT teams to improve security practices.
• Educate colleagues on security software and best practices.
• Draft and enforce security policies.
• Stay up to date with IT security standards, technologies, and threat developments.

Core Competencies:

• Analytical thinking
• Collaboration and teamwork
• Conceptual thinking
• Effective communication

Preferred Certifications (a plus):

CISSP, CISM, CISO, or similar

Qualifications & Skills

Technical Expertise:

• ICT knowledge
• Cyber risk management
• Information security
• Software Development Life Cycle (SDLC)
• Vulnerability management

Languages:

• Dutch
• English

Soft Skills:

• Clear, structured, and convincing communication
• Strong collaboration and team spirit
• Independent and self-reliant

Job Context

The Information Security Officer (ISO) is a senior-level advisory role, responsible for guiding their assigned business area through all matters concerning information security.

Key ISO Tasks:

• Support risk management by providing risk assessments, advising on treatment options, and monitoring action plans.
• Provide expert information security guidance for projects, initiatives, and business queries.
• Oversee rollout of information security initiatives across the organization.
• Ensure consistent implementation and management of security controls and processes.
• Report regularly to senior management on risks, initiatives, incidents, and awareness results (e.g., phishing tests).
• Engage in vendor assessments, incident response, and related security processes.

Requirements:

• Minimum of 3 years in an information security advisory role (ISO, risk management, etc.).
• Strong IT background enabling thorough risk assessments and high-quality recommendations.
• Not a hands-on technical role (not SOC analyst, security engineer, or project leader).
• Strong communication skills in Dutch and English.
• Ability to explain technical concepts to both technical and non-technical stakeholders.
• Proactive, initiative-driven working style.