Information Security Risk & Compliance Officer

Would you like to work in a dynamic working environment where no day is the same? Do you like diversity in your daily routine and are you interested in being able to use your knowledge and skills in an international environment?

Then we are looking for you!

  • Information Security Risk & Compliance Officer
  • Full-time, Amersfoort
  • Annual Salary: EUR 65.000 – EUR 103.000

What are you going to do?

As our new Information Security Risk & Compliance Officer, you are responsible for managing Nobian's information security risk and for monitoring and reporting on compliance with Nobian's information security requirements. You work in close cooperation with your colleagues to mature the information security control framework and work with our Information Management (IM) department.

You also work with our production sites to assess compliance of our IT and Operational Technology (OT) environments. In addition, you will be responsible for the information risk management processes: maturing them, setting direction, and evaluating and improving the tooling that supports these processes and the monitoring of the control framework. This is a challenging job where you get a lot of freedom to put your knowledge and skills into practice.

  • You are responsible for periodically monitoring the compliance of our IT suppliers with our security requirements.
  • You will be involved in continuous improvement projects.
  • A key part and challenge of this function is to include our OT environment in reporting on compliance of our security controls.
  • You own, improve, and execute the information security risk management process.
  • You guide risk acceptance requests and register risk acceptances.
  • You continuously improve our risk assessment & control selection process, consisting of a business impact assessment, third party assessment and a control selection procedure.
  • You ensure that our tooling is still fit for purpose, and you initiate and support projects if replacement is deemed necessary.
  • You support audits and respond to security questionnaires.

In addition:

  • You will provide input from our own reports on our security controls.
  • You have an excellent command of spoken and written English.
  • You are service-oriented towards your customers.
  • You can act independently, are proactive and can ask the necessary critical questions.

Do you have what it takes?

You have a master's or bachelor's degree in computer science, computer engineering, cyber security or a related field of study. You also have significant relevant work experience and broad general knowledge of and personal interest in information security and risk management. It is important that you have highly developed interpersonal skills.

You can convince colleagues of the need for cyber security, you have a well-developed and natural persuasiveness, you ask further questions when necessary, and you can transfer your knowledge well.

  • You have experience in reporting on information security compliance.
  • You have knowledge of and experience in applying & implementing information security standards and frameworks like ISO/IEC 27001 / 27002, NIST CSF and COBIT.
  • Ideally, you have a minimum of 3 years of relevant work experience in an international corporation.
  • You have a high degree of relevant technology know-how so that compliance with technical measures can be assessed.
  • You have strong communication, writing and listening skills with business owners, IM teams, and suppliers.
  • You can manage and motivate indirect reports, with the ability to drive incremental changes through others.
  • You are a true innovator, and you possess a continuous improvement mindset.
  • You are good at prioritizing your tasks.
  • You think in terms of opportunities and possibilities.

About the department

The department is open, informal and mature. We are building up the organization, so there is a lot of freedom to organize your own. As a professional, you know exactly what it takes to perform your tasks well and we provide you with all the freedom to succeed in your tasks. You will quickly become acquainted with business operations at our department. In addition, the step to business is short, so you can get tasks done quickly. Do you have what it takes?

Apply now and become our new Information Security Risk & Compliance Officer

We are looking forward to receiving your online application via our website. Please use the ‘apply’ link on this page and upload your CV and job specific cover letter. Any questions? Please contact Ricardo Abbas;

Apply here

We have already chosen our sourcing channels for this recruitment and kindly ask not to be contacted by any advertisement agents, recruitment agencies or manning companies.