ABOUT BRUNEL

Founded in 1975, Brunel has developed into an international group with 12,000 employees and a turnover of €1.4 billion. We deliver Project and Consulting Solutions, Workforce Solutions and Global Mobility Solutions that transform global projects in Renewables, Conventional Energy, Mining, Life Sciences, Future Mobility, Industrials & Technology and many other sectors.

Brunel is listed on Euronext Amsterdam NV and is included in the Amsterdam Small Cap Index (AScX). The organisation has grown into a renowned global brand with more than 120+ offices in over 40 countries on 6 continents. The head office of Brunel International is located in Amsterdam.

ABOUT THE ROLE

The Chief Information Security Officer (CISO) will lead and continuously strengthen Brunel’s information security capability. This role is responsible for defining, implementing, and maintaining the information security strategy, policies, and governance framework, ensuring alignment with business objectives and regulatory requirements.

They will oversee the organisation’s Information Security Management System (ISMS), lead risk assessments and audits, and ensure ongoing compliance with relevant standards, including ISO frameworks.

Working cross-functionally with IT, privacy, and business teams, the Information Security Manager will drive security awareness, manage incident response coordination, and lead initiatives to strengthen resilience against evolving cyber threats. The role also serves as the central point of contact for security matters, fostering a culture of accountability and continuous improvement across the organisation.

This is a highly visible leadership role requiring a balance of strategic oversight and hands-on coordination to safeguard the organisation’s information assets in an increasingly complex threat landscape.

ABOUT THE TEAM

The Chief Information Security Officer (CISO) acts as a trusted advisor to the senior leadership and global IT leaders at the Brunel HQ in Amsterdam, regional IT managers within our regions across the world, and our strategic external partners on decision-making across new technologies, infrastructure changes, and business initiatives. The role reports to the Head of IT and Digital Stefan de Boer and is based in our HQ in Amsterdam.

WHAT YOU’LL DO

• Establish, maintain, review, and update the information security policy and the associated information security plans.
• Organize and chair the monthly ISMS meetings.
• Act as an information security advisor to management for new ICT services and major changes to the ICT infrastructure.
• Advise line management on translating the information security policy into actionable security plans for their areas of responsibility and support the implementation of those plans.
• Initiate or delegate periodic security audits, risk assessments, dependency analyses, and vulnerability assessments, and coordinate the audit plan with the lead auditor.
• In cooperation with privacy officers, coordinate and advise on the handling of security incidents and, where necessary, major incidents or crises.
• Stay up to date with developments in the field of information security and, where required, initiate improvements or enhancements to products, methods, and ways of working.
• Develop and initiate periodic information security awareness programs and advise on employee training and information services to promote correct and secure use of information systems.
• Act as the central point of contact for information security matters when employees wish to report security incidents outside the regular hierarchical structure.
• Lead projects aimed at implementing information security measures and maintaining or improving the level of information security in both the short and long term.
• Monitor compliance with the information security policy and the resulting security measures.
• Periodically report on information security incidents and their handling to the responsible portfolio holder.
• Arrange and oversee independent third‑party reviews of information security.
• Keep informed of the latest threat developments and mitigation strategies, including through participation in the Multinational ISAC and other relevant committees.
• Maintain the ISMS administration, for example through Microsoft Teams or CyberManager.
• Work closely with internal and external IT auditors and support or guide external auditors and penetration testers as required.
• Collaborate with the business to support and advise on information security aspects within tenders.
• Periodically assess and monitor compliance with ISO standards.

WHAT WE’RE LOOKING FOR

• Proven experience in a senior information security role (e.g. Chief Information Security Officer (CISO), Head of Information Security or Information Security Manager or Cyber Security Manager)
• Strong background in ISMS management, including policy development and implementation
• Experience with risk management, audits, and compliance frameworks (e.g. ISO 27001)
• Track record of advising senior stakeholders on security strategy and risk
• Experience managing security incidents and working with auditors and third parties
• Ability to lead cross-functional projects in complex or international environments
• Strong knowledge of cybersecurity principles, threats, and mitigation strategies
• Experience with GRC frameworks, risk assessments, and vulnerability management
• Good understanding of modern IT environments (cloud, infrastructure, etc.)
• Degree in Cybersecurity, IT, or related field (or equivalent experience)
• Relevant certifications (e.g. CISSP, CISM, ISO 27001) preferred
• Strong communicator with the ability to influence senior stakeholders
• Strategic, structured, and proactive
• High level of integrity and professionalism

INTERVIEW PROCESS

Two interviews and an online assessment

WHAT'S IN IT FOR YOU

• Competitive base salary.
• Hybrid & flexible working – 3 days in the office.
• Coaching and mentoring through weekly check-ins.
• Friendly, collaborative & supportive team environment.
• Laptop and smart phone with Microsoft powered IT tools.
• Benefits; including pension scheme, group health insurance, 26 paid vacation days with the option to buy upto 40 vacation days per year, travel allowance scheme, bicycle lease plan, gym discount.
• Through the Brunel Academy - Brunel's learning & development programme - you have every opportunity to continue to develop yourself, both professionally and personally.