Senior Information Security Officer
Description:
As a Senior Information Security Officer, you have over 5 years of experience in designing and implementing cyber and information security architecture.
Key Responsibilities:
- Provide cyber and information security advice for innovative projects and initiatives.
- Screen applications, processes, and suppliers to ensure compliance with security standards.
- Participate in maturity assessments and contribute to risk management by drawing up action plans.
- Collaborate with management and IT teams to improve security practices.
- Educate colleagues on security software and best practices.
- Draft and enforce security policies.
- Stay up to date with IT security standards, technologies, and threat developments.
Core Competencies:
- Analytical thinking
- Collaboration and teamwork
- Conceptual thinking
- Effective communication
Preferred Certifications (a plus):
CISSP, CISM, CISO, or similar
Qualifications & Skills
Technical Expertise:
- ICT knowledge
- Cyber risk management
- Information security
- Software Development Life Cycle (SDLC)
- Vulnerability management
Languages:
Soft Skills:
- Clear, structured, and convincing communication
- Strong collaboration and team spirit
- Independent and self-reliant
Job Context
The Information Security Officer (ISO) is a senior-level advisory role, responsible for guiding their assigned business area through all matters concerning information security.
Key ISO Tasks:
- Support risk management by providing risk assessments, advising on treatment options, and monitoring action plans.
- Provide expert information security guidance for projects, initiatives, and business queries.
- Oversee the rollout of information security initiatives across the organization.
- Ensure consistent implementation and management of security controls and processes.
- Report regularly to senior management on risks, initiatives, incidents, and awareness results (e.g., phishing tests).
- Engage in vendor assessments, incident response, and related security processes.
Requirements:
- Minimum of 3 years in an information security advisory role (ISO, risk management, etc.).
- Strong IT background enabling thorough risk assessments and high-quality recommendations.
- This is not a hands-on technical role (not a SOC analyst, security engineer, or project leader).
- Strong communication skills in Dutch and English.
- Ability to explain technical concepts to both technical and non-technical stakeholders.
- Proactive, initiative-driven working style.