Senior Information Security Officer (ISO)

Information Security Officer

Location: Eindhoven, Netherlands

Salary: Competitive

Are you an experienced Information Security professional who thrives on building and developing an information security program in an international environment? Can you switch seamlessly between the boardroom and the operational floor, and do you feel at home in a role where you both provide strategic advice and get hands-on when needed? Then this opportunity could be a great fit.

As an Information Security Officer, you will be the central point of contact for information security across an international group organisation.

Reporting to the IT Director, you will be responsible for the security programme across multiple operating companies.

You will continue developing the existing security framework and help take the organisation's security maturity to the next level.

This is a standalone position with ownership and autonomy.

You will manage an external SOC service provider and oversee the broader security roadmap, while working closely with stakeholders across the business.

• Maintain and further develop the group-wide ISMS based on ISO 27001 and NIS2;


• Advise executive leadership on cyber risks and support GDPR compliance in collaboration with legal teams;


• Manage the external SOC service provider and act as Incident Commander during security incidents;


• Maintain and improve the technical security architecture, including EDR, network segmentation, IAM, and endpoint compliance;


• Manage third-party risk processes and conduct internal audits on security controls and the ISMS;


• Prepare the organisation for ISO 27001 certification;


• Lead the security awareness programme and internal phishing simulations;


• Engage with a broad international stakeholder group ranging from senior leadership to operational teams.

• Minimum 5+ years of experience in information security;


• Proven experience building or developing security programmes aligned to ISO 27001, NIS2, and/or GDPR;


• Hands-on experience with incident response and managing external security providers such as SOC partners;


• Strong communication skills in both Dutch and English;


• Ability to operate effectively across executive and technical environments within an international organisation;


• Relevant certifications such as CISM, CISSP, CCISO, ISO 27001 Lead Implementer/Auditor, or SC-100/SC-200 are highly desirable;


• Experience with the Microsoft 365 security stack is preferred.

• The opportunity to make a visible impact within a growing international organisation;


• High level of ownership and exposure to executive leadership;


• 25 vacation days with the possibility to earn additional days;


• Strong pension package;


• Flexible working hours and hybrid working options;


• Company laptop and mobile phone;


• Supportive and collaborative culture with regular social activities and events.

Venquis is acting as an Employment Agency in relation to this vacancy.