Chief Information Security Officer (CISO)

We are looking for an experienced CISO to help secure the digital infrastructure of a dynamic municipality. This is a unique opportunity to make a real impact in the public sector, where you'll be instrumental in implementing the NIS2 directive and strengthening the organization's cybersecurity posture.

You'll work with team Control, specifically the Privacy and Information Security (PIN) sub-team, where we value autonomy, collaboration, and shared responsibility. This is a part-time role (8-16 hours per week) for 6 months, with the possibility of extension.

• Develop and execute a comprehensive action plan to ensure compliance with NEN7510, ISO27001, NIS2 and other relevant cybersecurity legislation
• Advise departments, management, and executive leadership on all aspects of information security
• Maintain oversight of organizational risks, compliance status, and improvement initiatives
• Report directly to senior management on security matters and strategic developments
• Lead incident response coordination during security incidents and digital crises
• Ensure swift and effective handling of vulnerabilities and threats
• Develop, implement, and maintain effective information security policies aligned with legal requirements, best practices, and industry guidelines
• Bridge the gap between technical security requirements and organizational/political realities

• Strategic thinker with hands-on mentality and strong communication skills
• Hold an active CISM, CISA, and/or CISSP certification
• Minimum 3 years of proven experience as CISO, with at least 2 years within the last 5 years
• Minimum 2 years of demonstrable experience working with municipal processes and governmental accountability structures)
• Deep knowledge of ISO27001/NIS2/NEN7510 (please specify concrete experience through courses, training, or project work in your CV)
• Native or near-native Dutch speaker - you'll be interfacing with local government and writing policy documents
• Able to be present in Capelle aan den IJssel (Zuid-Holland) on wednesdays or fridays.

• Experience implementing cybersecurity frameworks in other public sector organizations
• Knowledge of privacy legislation (AVG/GDPR) and its intersection with information security
• Experience with crisis communication and stakeholder management
• Familiarity with cloud security and modern infrastructure challenges

• The opportunity to shape information security strategy in a developing municipal organization
• Work with a collaborative team where colleagues are equals and freely distribute and execute work
• A flexible part-time arrangement (8-16 hours per week) that fits your schedule
• The chance to make a meaningful contribution to public sector cybersecurity
• A 6-month contract with potential for extension
• Competitive compensation reflecting your expertise

We'd love to hear from you! Please submit your CV (highlighting your CISM/CISA/CISSP certification, CISO experience, and NIS2/BIO2 knowledge) as PDF to [email protected]