Security Compliance Officer

We are looking for a Security Compliance Officer based in Diemen, Netherlands.

As an IT compliance manager, you are part of the information security team. This team is responsible for the full breadth of information security at Randstad, from defining Randstad’s information security policy to providing operational services that help keep Randstad secure. We’re looking for a new colleague that will be responsible for the 2nd line of defense for Randstad Global in Information Security. You’ll work with Operating Company teams, Global IT colleagues and partners to support them on applying Randstad’s Information Security policy, ensuring provable compliance and management of related risks. Of course you are not alone in this, in this role you can rely on colleagues responsible for IT policy and assurance and business risk & audit to support you.

Key Responsibilities:

• Improve Information security 2nd line of defense role at Randstad Global, in overseeing risk and monitoring of IT and IS related first-line-of-defense controls in our Operating Companies/markets.
• Conduct periodic internal compliance reviews / audits to assess and enhance the effectiveness of the information security management system of operating companies/markets , adhering to ISO 27001 standard.
• Ensure compliance with regulatory requirements and industry best practices.
• Perform gap analysis to evaluate the effectiveness and compliance of operational processes with our corporate security policies and guidelines ; and provide recommendations to identify areas for improvement, with proposed remediation
• Provide guidance to our colleagues located globally in becoming compliant with our control frameworks.
• Prepare comprehensive audit reports, highlighting findings and recommendations for improvement.

Role related competencies:

• Bachelor's degree in Information Technology, Cybersecurity, or a related field.
• Certified Lead Auditor in ISO 27001:2013 or 2022 standard.
• At least 5 years of experience in conducting internal audits and implementing information security best practices.
• Strong understanding of information security principles, controls, and frameworks.
• Basic understanding and some experience in Third-Party Risk Management (TPRM) is preferred but not mandatory.
• Excellent communication and interpersonal skills, with the ability to collaborate effectively with diverse teams.
• Able to prepare concise reports for senior management, including C-level
• Proficiency in relevant tools and technologies related to information security auditing.

General competencies:

• Good command of the English language
• Excellent analytical skills
• Ability to operate in a matrix organization
• Self-starting and self-supporting
• Ability to manage a team without direct reporting lines
• Hands-on
• Service-oriented
• Likes to work in an international environment with different cultures
• Enthusiastic and pragmatic, result driven