Our client is looking for an ISO who will coordinate and initiate the implementation of various security-driven risk measures on people, process and technology and ensure the overall compliance of the organization through the development, management and implementation of the company's policies, SOPs and Work Instructions. The ISO will work together with the organization and our main suppliers to implement measures and structurally embed these in processes. Additionally, the ISO will work to increase information security awareness in the organization. For this, we look for methods that implement changes in ways of working in a creative, interactive and professional way. In addition, the ISO will act as a Compliance Officer who regularly reviews employee work, coordinates policy developments and responds to and prevents policy violations.
- Implementing security measures to address risks in a variety of
- Coordinating the implementation of measures where colleagues are
- Initiating progress and conversations on information
- Embedding information security improvements in the
- Increasing awareness in the
- Developing, implementing and managing a compliance
- Coordinating the development and review cycles for company
- Advising on information security aspects of developments in the
- Increasing the maturity of information security.
- Enhancing the Information Security Management System (ISMS).
- Developing and implementing policies (SOPs and WI).
- Overall governance and compliance management.
- Auditing company procedures, practices and documents to identify possible weaknesses or risks.
- Good communication skills (verbal and written)
- Structured and analytical
- Able to coordinate changes in the organization
- Knowledgeable and willing to help and share knowledge
- Able to explain complicated concepts in understandable language
- Fluent in English
- Minimum of 5 years' experience in the field of information security
- CISM, CISA and/or CISSP certified, or willing to obtain certification
- Experience in a coordinating role in relation to information security and/or policies and/or IT
- Knowledge of latest developments in the information security area
- Knowledge of common standards in information security such as ISO27001
- Experience in writing and implementing policies
- Experience in change management
- Experience in compliance/governance and/or (legal) requirements and procedures
- Experience in data protection regulation and implementation
- Broad understanding of IT (systems, applications, APIs, ITIL processes, architecture, etc.)