Senior (Technical) Information Security Officer Amsterdam • Cyber Security District

Are you a seasoned information security professional with a passion for guiding teams, maturing processes, and influencing security strategy across a dynamic, international environment?

A growing Information Security team within a European organization is seeking a Senior Information Security Officer. This is a key role for someone excited by the opportunity to shape the future of security operations, mentor medior colleagues, and work across a wide range of technologies and regulatory landscapes.

You’ll join a newly established team of six within the broader Risk & Compliance function, reporting into the Chief Risk Officer. The team is focused on advancing the organization’s cyber resilience across all areas of the business and driving a strong security culture.

• Develop and maintain cybersecurity policy frameworks, ensuring alignment with current threats, regulations, and best practices.
• Evaluate the design and implementation of security controls implemented by the first line (e.g., IT, DevOps).
• Review technical risk assessments and advise on risk mitigation aligned with the organization’s risk appetite.
• Participate in architecture and change boards, offering guidance on security implications.
• Advise on secure system design, DevSecOps, and cloud security (especially Azure).
• Define and monitor cybersecurity KRIs and KPIs.
• Recommend control improvements based on threat intel and incident trends.
• Apply relevant regulatory requirements (GDPR, DORA, ISO 27001, NIST) to technical environments.
• Review major incidents and ensure root causes and corrective actions are addressed.
• Provide input into incident response planning and exercises.
• Promote security awareness and deliver targeted training initiatives.
• Mentor both first-line technical teams and internal second-line colleagues.

• A degree in Information Security, Computer Science, Engineering, or equivalent practical experience.
• 6–8+ years in information security, ideally within regulated or corporate environments (e.g., financial services, insurance, tech).
• Solid grasp of risk management, technical security controls, and compliance frameworks.
• Familiarity with regulatory and industry standards like ISO27001, NIST, DORA, GDPR.
• Industry certifications such as CISSP, CISM, CCSK, or AZ-500 are a plus.
• In-depth experience with cloud environments—particularly Microsoft Azure.
• Proven ability to lead risk assessments, support audits, and influence architectural decisions.
• Strong communication skills, capable of engaging with both technical teams and senior leadership.
• A collaborative, improvement-focused mindset and a willingness to travel occasionally within Europe.
• Fluency in English is required; Dutch, German, or French is a plus.

• Competitive compensation and benefits package
• Flexibility in working arrangements
• A collaborative, international environment with room for impact
• Ongoing training and development
• The chance to shape the security posture of a growing, security-conscious organization