Information Security Officer

Information Security Officer

• Type of role: Freelance
• Duration: 12 months, with a chance of an extension;
• Ideal Start date: October 1^sy;
• Location: Amsterdam

The Mission
Keeping the company safe, secure, and compliant is a top priority. As part of the IT Security team, your focus will be on providing security subject matter expertise and education while instilling a core security mindset and culture. You will contribute to the delivery of various control improvements, assess risks, create awareness in cyber security, and act as a security liaison/ambassador for the delivery teams.

Key Responsibilities:

• Provide IT security advisory and guidance to teams involved in development and support.
• Assist teams in their information security and risk journeys, ensuring appropriate security controls are implemented.
• Act as an active member in the local Incident Response team with a focus on Cyber Security Incident Response, including scenario analysis, runbook development, and testing.
• Handle and follow up on security alerts, such as phishing and anti-malware.
• Review and approve Application Security Baselines.
• Review and challenge the security of external connections.
• Challenge and review security monitoring implementation and scope, including reviewing security event monitoring implementation and alerts.
• Review and challenge vulnerability and penetration test reports, follow up on remediation plans, and ensure proper execution.
• Check vulnerability scan reports and follow up on remediation.
• Ensure full compliance with established standards and policies.
• Act as a stakeholder in relevant risk assessment exercises and meetings.

Qualifications & Skills:

• 3-4 years of experience in an IT security role, preferably in a software company or financial institution.
• Understanding of network and web-related protocols such as TCP/IP, UDP, IPSEC, HTTP, and HTTPS.
• Familiarity with cloud security controls and best practices.
• Experience in developing cyber-security risk and incident management processes, with a solid understanding of the cyber threat landscape.
• Knowledge of frameworks such as ISO2700x, NIST, ISF, CIS, and similar.
• Relevant security certifications are a plus (e.g., ISC2 SSCP/CISSP, ISACA CISM/CISA, CompTIA Security+, EC-Council CEH, ISO/IEC 27001).

Competencies:

• Strong sense of ownership, urgency, and drive.
• Customer-focused and enjoy working as part of a team.
• Strong ability to build internal confidence in a situation of constant change.
• Excellent problem-solving and analytical thinking skills, with the ability to diagnose and resolve ambiguous problems.
• High resilience to stress and a constructive, collaborative mindset.
• Willingness to support and coach less experienced colleagues, providing help when needed and offering constructive criticism.
• Commitment to creating a friendly work environment based on respect, trust, and partnership values.

In case you are looking for a new assignment, apply now and we’ll schedule a meeting promptly.

Michael Bailey International is acting as an Employment Business in relation to this vacancy.