Information Security Officer

Information Governance & Policy Specialist - freelance - 1 day per week in Den Bosch - Dutch speaking - 12 months contract

The CISO office is responsible for ensuring information security within the organization. The team collaborates with various departments to maintain the integrity, confidentiality, and availability of information, with a strong focus on effective risk management and compliance with relevant regulations.

Job Description

We are looking for an experienced Information Governance & Policy Specialist within the CISO office. In this role, you will be responsible for developing, maintaining, and improving standards, policies, and guidelines in the field of information security.

You will convert abstract governance, risk, and control frameworks into concrete, applicable standards and guidelines that can be used within the organization. This includes a clear, concise approach, clearly stating what the organization expects from its employees and systems in the field of information security.

You will work closely with internal stakeholders such as ICT, risk management, and compliance, ensuring that information security standards meet organizational needs and contribute to compliance with NIS2, ISO/IEC 27001, and other relevant regulations.

Key Responsibilities

• Develop and maintain information security standards, policies, and guidelines, focusing on compliance and organizational alignment.
• Translate complex security and governance frameworks into practical and usable standards and guidelines for the organization.
• Ensure all information security guidelines align with business objectives and meet risk acceptance and compliance requirements.
• Guide the implementation of these standards through support and communication with the involved departments.
• Periodically evaluate and adapt standards and guidelines to new developments in legislation, regulations, and internal risk analyses.
• Organize workshops and training to increase awareness of the standards and ensure effective implementation within the organization.

Job Requirements

Required Expertise:

• Minimum 5 years of experience in drafting standards, policies, and guidelines within information security or similar functions.
• In-depth knowledge of frameworks such as NIST, ISO/IEC 27001/2, Cobit, and NIS2, with experience translating these frameworks into organizational standards.
• Certifications such as CISSP, CISA, CISM, and/or CRISC are a plus.
• Excellent writing skills with the ability to translate complex security concepts into clear and accessible documents.
• Experience in aligning information security with business goals and dealing with stakeholders within complex organizations.

Office Day:

• 1 fixed office day: Thursday

Please apply - [email protected] // +31202417315