Senior Security Officer (focus op compliance & governance)
Our client is a forward-thinking organization that manages extensive data across multiple business units, fostering a culture that values continuous improvement and compliance. This role offers an opportunity to make a tangible impact by ensuring robust information security practices that are embedded in daily operations, not just on paper. You will work at the intersection of IT, privacy, and executive management, guiding the organization through complex regulatory landscapes, such as NIS2, DORA, and ISO 27001, to address evolving security risks effectively.
Role Overview:
The Senior Security Officer will develop and oversee the organization’s information security management system (ISMS), translating legal requirements and frameworks into practical policies and processes. You will conduct gap analyses, lead audits, and collaborate with stakeholders at all levels to identify risks and implement improvements. Your strategic insights will support the organization’s compliance efforts, security maturity, and broader data protection initiatives, including considerations around AI and third-party suppliers.
Key Skills & Experience:
• HBO level (IT, Security, Business IT or similar)
• Minimum 5 years of experience in information security, GRC, or comparable roles
• Familiarity with frameworks like ISO 27001 (BIO is a plus)
• Knowledge of regulations such as NIS2 and DORA
• Experience with audits, risk management, and compliance projects
• Ability to develop policies, perform gap analyses, and interpret IT environments (e.g., Azure, IAM, networks) without deep technical immersion
• Strong stakeholder engagement skills, including working with IT teams and executive management
• Risk assessment and advisory capabilities
• Relevant certifications like CISSP, CISM, CISA, or ISO 27001 Lead Implementer/Auditor (preferred but not essential)
Key Responsibilities:
• Establish and structure the organization’s approach to information security and compliance
• Translate legal requirements and frameworks into clear guidelines and operational processes
• Develop and maintain policies and procedures, conducting gap analyses and risk assessments
• Lead and support audit activities, ensuring follow-up and continuous improvement
• Manage the ISMS, ensuring ongoing development and adherence to standards
• Advise on security reviews, monitoring, pentesting, and supplier security assessments
• Collaborate with privacy teams and address broader topics such as data security and regulatory changes
• Present risks and strategic recommendations clearly to IT teams and senior management
Requirements:
• Right to work in the relevant location
• On-site working required
• Relevant experience as stated above
• Willingness to start by 28/05/2026
Nice to Have (Optional):
• Additional certifications (CISSP, CISM, CISA, ISO 27001 Lead Auditor/Implementer)
If you are a structured thinker with strong communication skills and a proactive approach to security governance, we encourage you to apply and help our client build a resilient, compliant security posture.
