Information Security Officer

Would you like to help set up our way of working in a challenging environment? Do you like to work in a small team of experienced and enthusiastic colleagues? Do you have a deep understanding of IT security and compliance methods? And are you able to connect with your technical and non-technical stakeholders and get things done? Then we have a great opportunity for you!

In SDIP we are looking for a proactive and ambitious Information Security Officer with passion for Information Security, enjoys applying security frameworks into practice and coach IT teams on actually being in control.

What you are going to do

As an ISO within SDIP department of Non-Life you will be focusing on security activities for the staff departments (Strategy, Transformation & Pricing, Finance and Risk) of Non-Life. Our department’s scope and therefore number of applications has recently increased which brings challenges to make and keep them compliant. Being able to get the message across, gain buy-in with all your stakeholders is an important part of your role. We assist the IT teams in making informed decisions, supporting them in discussions and give solicited and unsolicited advice. Our ongoing challenge is to optimize IT security procedures and processes, automate as much as possible to increase quality and reduce manual procedures.

Your responsibilities include:

• Preserving the Confidentially Integrity and Availability of applications as your highest priority
• Advising a wide variety of stakeholders (devops teams, contract managers, staff departments) technically, content, and process-wise on risk exposure, how to implement the required security measures and minimize the risks within their domain
• Working closely with the BSO and BCM expert within the Security team on a wide variety of security and compliance tasks, e.g. coordinating periodic IT control tracking and local Financial Risk Reporting control tracking, regulatory compliance reporting, reviewing security documentation, deep-dive asset reviews, provide IT security training and coaching, interpret vulnerabilities and security incidents on impact for services
• Working in close cooperation with the IT teams to proactively identify the appropriate security measures and support devops teams to implement them

What we offer you
NN invests in an inclusive, inspiring work environment and in skills and competences for the future. We match this with employee benefits that are in line with what is needed today and in the future. This way, we offer our employees the opportunity to get the best out of themselves. We offer you:

• Salary between €4,686 and €6,694 depending on your knowledge and experience
• 13th month and holiday allowance are paid with your monthly salary
• 27 vacation days for a 5-day working week and one Diversity Day
• A modern pension administered by BeFrank
• Plenty of training and learning opportunities
• NS Business Card 2nd class, which gives you unlimited travel, also privately. Do you prefer to travel with your own transport? Then you can declare the kilometers travelled
• Allowances for setting up your home office and for internet use

Who you are

• Concise and eye for detail while keeping the overall picture and goal in mind
• Clear communication style and being able to cooperate with people with various backgrounds. You listen carefully to your stakeholders and are able to translate their needs. You are solution minded and decisive to getting things done
• A strong independent ISO who can manage its own circle of influence. Meanwhile, you are able to keep calm and focused in order to work goal oriented and achieve results
• You are aware of your strengths and improvement areas and are consciously working on your personal development. In order to keep learning, you like to stay up-to-date with the latest developments within the security field
• Skilled and experienced (+5 years) in IT and IT security, preferably educated as Bachelor or Master degree in IT (or other technical and/or security oriented study). Being SSCP or CISSP certified is an advantage. Being SSCP or CISSP certified is an advantage, strong understanding of Microsoft Azure and SC-900 or AZ-500 certifications are a pre

There is no relocation budget available for this role and we are looking for someone currently living in The Netherlands.

Who you will work with

You can count on a warm welcome and helpful colleagues in our team IT Services. Together with the business security officer and the security & BCM coordinator you form a small security team for our staff departments. Furthermore, we have specialists in the team regarding contract management and business control. We are a well-balanced team in experience, background, age, gender and a variety of skills working together on our departments ambition to provide (IT) infrastructure and services to enable the data-driven and digitalization ambitions of Non-Life.​ Together we are an enthusiastic group of colleagues eager to getting things done and help our stakeholders improve and develop their operational excellence, cost efficiency and minimize their security and compliance risks. And very important: having fun in working together and have regular team drinks or social activities such as plastic whale phishing and a prison escape experience!

Any questions?

If you have any questions about the job or process you can contact our Talent Acquisition Specialist Jarmo Fernhout via Jarmo.Fernhout@nn-group.com.