Information Security Officer
- Arnhem, Gelderland
- Vast
- Voltijds
Hours: 36–40 per week
Start date: 1 September 2025
End date: 31 August 2026
Education: HBO (Bachelor's) or higherAre you ready to help shape a resilient digital infrastructure for the energy transition? We’re looking for a skilled Information Security Officer who can strengthen business continuity and boost cybersecurity awareness across the organization. You'll act as a trusted advisor within the Business Technology Organisation (BTO), operating in the second line of defense.You’ll play a key role in embedding security and resilience into daily operations, ensuring alignment with the corporate Information Security Management System (ISMS) and international standards.Your responsibilities include:Advising IT teams and BTO stakeholders on business continuity and cybersecurity topicsDeveloping and implementing strategies, policies and compliance structures for Business Continuity Management (BCM)Designing and rolling out cybersecurity awareness and training programsPromoting a strong security culture throughout the organizationSupporting BCM activities such as risk assessments, testing, compliance reviews and reportingAligning security practices with international standards like ISO 27001 and the corporate ISMSCollaborating with internal and external auditors and leading assurance effortsCoordinating internal communication around continuity and security topicsSupporting leadership with clear, risk-based reporting and actionable insightsEnsuring strong alignment between local practices and global security frameworksYour profile:A completed HBO or university degree in Information Security, IT, Business Administration or a related fieldAt least 5 years of hands-on experience in Business Continuity Management and cybersecurity awarenessProven ability to develop and deliver internal training and awareness programsFamiliarity with standards and frameworks such as ISO 27001, NIST, COBIT, GDPR, ISO 31000 and ITIL 4Experience with cloud security, network security and Identity & Access Management (IAM)Relevant certifications such as CISSP, CISM, CRISC or CISA are a strong plusExcellent stakeholder management and communication skillsStrong analytical and documentation capabilitiesFluency in English is required; Dutch or German is a plusWillingness to work 2–3 days per week in Arnhem and travel to Germany once per quarter