IT Security Manager Amstelveen • Cyber Security District

We are representing a leading international organization currently undergoing a merger, seeking a highly motivated and communicative IT Security Manager to act as the critical bridge between technical IT teams (1st Line of Defence) and 2nd Line of Defence units.

The role is a technically proficient security professional responsible for translating technical security
requirements into actionable controls and processes within the IT organization, with a strong focus on
aligning SOC capabilities, such as monitoring, detection, and incident response, combined with IT risk
and security frameworks. The IT Security Manager also ensures that IT systems, applications, and
services are designed, implemented, and maintained securely and compliant.

In this role, you will be part of an international organization and regular travelling is required to Amstelveen and Cologne where the IT teams are located. Additional travel to other offices, including Brussels, Paris, London, Milan, Madrid, and Bratislava, may be necessary depending on business needs.

• Collaborate with operational IT teams to ensure implementation of technical security controls (e.g., encryption, access controls, vulnerability management, hardening).
• Ensure configuration and security compliance baselines (e.g., CIS Benchmarks, secure configuration guidelines) are defined and implemented across systems and applications.
• Work closely with the CISO Office, Security Architects, and Engineers to validate designs and assess risk exposure of new technologies.
• Collaborate closely with the Security Operations Center (SOC) to ensure effective implementation and continuous improvement of threat detection, incident response, and monitoring capabilities aligned with security standards and threat models.
• Support the Security Operations Center (SOC) in designing and refining detection use cases by providing technical input on system architectures, log sources, and event correlation to ensure comprehensive visibility and timely threat identification across IT environments.
• Support operational IT teams in incident response and post-incident reviews from a security compliance and (technical) audit trail perspective.
• Review technical access provisioning/de-provisioning processes for compliance with security standards and data protection requirements.
• Support the creation and technical implementation of security policies, hardening standards, work instructions, and IT security procedures.
• Act as a reviewer and advisor for IT system and software change requests from a security perspective.
• Develop and maintain technical security standards, procedures, and documentation in alignment with ISO 27001 and DORA requirements, ensuring that IT controls are clearly defined, auditable, and traceable to organizational policies and regulatory obligations.
• Act as a central coordinator between operational IT teams and business units by taking actions and ensuring mutual understanding of risks, priorities, and responsibilities across departments.
• Translate (security) risk assessment findings, audit observations, and protection need requirements into technical remediation tasks and track their implementation.
• Coordinate and support internal and external security assessments, ensuring that technical evidence is collected, validated, and submitted as required.
• Map security policies and control frameworks to IT system and application components, ensuring continuous (security) compliance monitoring.
• Identify security risks within IT systems and applications by conducting technical risk assessments, vulnerability analysis, and threat modeling
• Implement and manage appropriate technical security controls to mitigate identified risks in alignment with organizational risk appetite and compliance requirements.

• Bachelor’s degree in Computer Science, IT Security, or related field – or equivalent professional experience.
• 5+ years of experience in IT security, security operations, or security governance roles.
• Strong understanding of (IT) security frameworks (e.g., ISO 27001, NIST)
• Strong experience in operational integration of (IT) security standards and security models.
• Experience working in enterprise IT (security) environments and interfacing with risk/compliance units.
• Ability to lead cross-functional initiatives and manage complex tasks.
• Willingness to identify, assess, and evaluate risks, and to develop pragmatic solutions.
• Analytical and structured mindset with strong documentation skills
• Solving and decision-making ability under pressure (pragmatic approach).
• Excellent communication and stakeholder management abilities.
• Ability to efficiently prioritize tasks and manage multiple IT security activities, tasks, and meetings simultaneously.
• Preferred certifications, that are nice to have:
  • ISO 27001 (IT Security Manager/Officer)
  • ISO 27017 (Cloud Security Expert)
  • CISM (Certified Information Systems Auditor)
  • CRISC (Certified in Risk and Information Systems Control)
  • ISO 30000 (Risk Manager/Expert)

• Competitive compensation and benefits package
• Flexibility in working arrangements
• A collaborative, international environment with room for impact
• Ongoing training and development
• The chance to shape the security posture of a growing, security-conscious organization