Head IT Security, Risk and Compliance

We are seeking an experienced and strategic, Head of IT SRC, to lead our Global information security and governance initiatives. This role will report directly to the Global CIO and will be responsible for developing and implementing a comprehensive information security strategy across all group units and markets worldwide, with a particular focus on serving clients in Banking, Life Sciences, and Artificial Intelligence sectors.

Location

- Position will be based in either:

- Netherlands (Amsterdam or other major cities)

- India (major tech hubs)

- Regular travel required between these locations and other global offices (30-40%)

Key Responsibilities

Strategic Leadership

- Develop and execute a comprehensive global information security strategy aligned with business objectives and risk appetite

- Lead the organization's cybersecurity vision, planning, and program development to ensure protection of company assets and data

- Establish and maintain relationships with key stakeholders across business units and markets to ensure alignment of security initiatives

- Drive digital transformation initiatives while ensuring security by design

- Develop deep understanding of client industry security requirements, particularly in Banking, Life Sciences, and AI domains

Security Operations & Architecture (in partnership with Global IT Head of Infrastructure)

- Design and oversee the implementation of enterprise-wide security architecture and controls

- Establish and maintain a Security Operations Center (SOC) to monitor and respond to security incidents,

- Lead incident response planning and execution, including crisis management and business continuity

- Implement and maintain security tools, technologies, and services that protect company assets

- Ensure security measures address specific requirements of regulated industries

Governance, Risk & Compliance

- Develop and maintain information security policies, standards, and procedures

- Ensure compliance with relevant regulatory requirements (e.g., GDPR, CCPA, ISO 27001)

- Establish and oversee security risk management framework and assessment processes

- Lead security audit programs and manage relationships with external auditors

- Regular reporting to board and executive leadership on security posture and risks

Learning & Development Leadership

- Design and implement a comprehensive security awareness and education program across the organization

- Develop and maintain a continuous learning curriculum for security professionals

- Create specialized training tracks for different roles and expertise levels

- Establish partnerships with leading security training providers and certification bodies

- Implement metrics to track learning effectiveness and security awareness improvements

- Foster knowledge sharing and best practices across global teams

- Design and oversee mentorship programs for security professionals

Team Leadership & Development

- Build and lead a high-performing global information security team

- Develop and mentor security professionals across the organization

- Foster a security-aware culture through training and awareness programs

- Manage security budget and resource allocation

Required Qualifications

- 15+ years of experience in information security, with at least 8 years in senior leadership roles

- Bachelor's degree in Computer Science, Information Technology, or related field

- Master's degree preferred (MBA, MSc in Cybersecurity, or similar)

- Relevant certifications (CISSP, CISM, CRISC) required

- Demonstrated experience in developing and implementing global security strategies

- Strong understanding of security frameworks (NIST, ISO 27001, CIS Controls)

- Experience with cloud security, zero trust architectures, and emerging technologies

- Excellent communication skills with ability to influence C-level executives

- Track record of building and leading high-performing security teams

Preferred Experience

- Previous CISO experience in a Global IT consulting organization

- Direct experience with security requirements in Banking, Life Sciences, or AI sectors

- Strong understanding of regulatory requirements in financial services and healthcare

- Experience developing and implementing learning and development programs

- Background in consulting or professional services

- Experience with M&A security integration

Industry Knowledge

- Deep understanding of cybersecurity challenges and requirements in:

- Banking and Financial Services (including regulatory compliance)

- Life Sciences and Healthcare

- Artificial Intelligence and Machine Learning

- Digital Transformation initiatives

- Knowledge of industry-specific regulations and compliance requirements

- Understanding of emerging technologies and their security implications

Key Competencies

- Strategic thinking and executive presence

- Strong business acumen and ability to align security with business objectives

- Excellent stakeholder management and communication skills

- Crisis management and decision-making abilities

- Change management and organizational transformation expertise

- Innovation mindset with focus on continuous improvement

- Strong teaching and mentoring capabilities