Chief Information Security Officer (CISO)

Job Description:

As the Chief Information Security Officer (CISO) you will be responsible for defining and executing the enterprise-wide cybersecurity and information risk strategy for our client. The CISO safeguards the confidentiality, integrity and availability of sensitive data while enabling our client’s digital transformation, data-driven innovation and cloud-based technology landscape.

You will be working closely with C-suite, executive leadership and regulators, and as the CISO, you will ensure that cybersecurity, cyber resilience and data protection are embedded across technology, business operations and partner ecosystems.

You will play a central role in enabling our clients shift toward a digital enterprise, where technology and data increasingly drive innovation in insurance services and customer experience.

The role ensures that cybersecurity and resilience are embedded across the organisation while maintaining the trust of millions of insured customers and regulators.

Your profile & Leadership Experience:

• Extensive experience as a Senior cybersecurity leader (CISO / Head of Security / Director-level) in a large, regulated environment such as insurance, banking, healthcare or critical infrastructure.
• Experience working closely with C-suite and board-level stakeholders.
• Strategic thinker with strong business acumen.
• Able to translate cybersecurity risk into board-level business language.
• Collaborative leader capable of bridging technology, risk, compliance and business teams.

Your Technical & Strategic Expertise:

Strong knowledge of:

• Enterprise cybersecurity strategy and governance
• Cloud security and modern platform environments
• Security architecture and DevSecOps
• Cyber resilience and incident response
• Third-party risk management
• Data protection and privacy frameworks.

Key Responsibilities:

Regulatory & Industry Experience

• Experience operating within highly regulated sectors, ideally financial services or healthcare.
• Familiarity with European security and privacy frameworks including GDPR and financial regulatory oversight.

Regulatory Compliance & Data Protection

• Ensure compliance with relevant regulations and standards, including:
• DNB and Dutch financial regulatory requirements
• GDPR and healthcare data protection obligations
• Industry security frameworks (e.g., ISO 27001 / NIST / CIS).
• Oversee third-party security governance across vendors, partners and digital ecosystems.

Security Strategy & Governance

• Define and execute the enterprise cybersecurity strategy aligned with the organisation’s digital, data and cloud strategy.
• Establish and maintain the information security governance framework, policies and controls across the organisation.
• Advise C-suite colleagues and Executive Board on cyber risk, regulatory obligations and security investments.

Cyber Risk Management

• Lead the enterprise cyber risk management program, ensuring effective identification, assessment and mitigation of threats.
• Develop security risk metrics and reporting for executive and board oversight.
• Ensure cybersecurity is embedded within enterprise risk management and operational resilience frameworks.

Cyber Resilience & Incident Response

• Establish and lead the organisation’s cyber resilience strategy, including incident response, threat intelligence and crisis management.

Ensure robust capabilities in:

• Security operations and monitoring
• Threat detection and response
• Business continuity and disaster recovery.
• Secure Digital Transformation

Work closely with technology and data leadership to ensure security is embedded into:

Cloud platforms and digital architecture

Data and AI initiatives

• DevSecOps and software development practices.
• Enable secure innovation across digital healthcare services and customer platforms.
• Leadership & Stakeholder Management
• Build and lead the information security organisation, including security architecture, governance, and operational security teams.
• Act as the primary cybersecurity advisor to your C-suite colleagues and the executive leadership team and board.
• Represent our client externally on cybersecurity topics with regulators, industry bodies and partners.

If this opportunity aligns with your experience and ambitions, we would welcome the chance to speak with you. The position offers a competitive executive-level remuneration package in line with Dutch C-suite expectations, together with the opportunity to shape the cybersecurity strategy of a leading insurer and play a key role in enabling secure digital transformation at board level.