Information Security Officer

Join a pension fund supporting the financial future of over 100,000 members. As an Information Security Officer, you'll play a key role in strengthening the organisation's security posture within a highly regulated Dutch financial environment. You'll bridge strategy and execution-translating frameworks into practical controls, challenging risks, and helping the organisation stay resilient in an evolving threat landscape.

What you'll be doing

• Translate security strategy into practice by turning frameworks and standards into clear policies and operational controls.
• Define, implement, and monitor information protection measures that promote secure behaviour across the organisation.
• Maintain and enhance the ICT continuity plan to ensure readiness for disruptions and major incidents.
• Perform risk assessments across internal processes, projects, and third-party providers, identifying vulnerabilities and control gaps.
• Monitor supplier compliance with security requirements set out in contracts and risk frameworks.
• Coordinate testing activities across the risk cycle (e.g. continuity testing, control validation, scenario analysis).
• Ensure alignment with relevant Dutch and European regulations and standards, including DNB Good Practices, ISAE frameworks, and DORA.

What you bring

• A bachelor's degree or higher, ideally complemented by certifications such as CISSP, CISM, or CISA.
• At least 3 years of experience in Information Security, IT Risk, or Cybersecurity.
• Prior experience in pensions, asset management, or financial services is an advantage.
• Strong understanding of cybersecurity principles, frameworks, and best practices.
• Familiarity with key regulatory and assurance standards (e.g. ISAE 3402, ISAE 3000, GDPR, DORA).
• A structured, analytical approach with the ability to translate technical risks into clear business insights.
• Fluency in Dutch, enabling effective collaboration with internal stakeholders and regulators.