Information Security Officer

Role Purpose

Lead and continuously improve the organization’s information security program to protect data, systems, and operations. Ensure security governance, risk management, and compliance are embedded across the business.

Core Responsibilities

Define, maintain, and enforce information security policies, standards, and procedures.

Conduct risk assessments, manage risk treatment plans, and report security posture to leadership.

Oversee security incident response, investigation, containment, and post-incident improvements.

Implement and monitor security controls across networks, endpoints, applications, and cloud services.

Manage security awareness training and promote secure-by-design practices.

Coordinate audits and ensure compliance with relevant regulations and frameworks.

Assess third-party/vendor security and support procurement and contract security requirements.

Maintain security documentation, metrics, and continuous improvement roadmaps.

Required Skills

Security governance: policy management, control frameworks, and executive reporting.

Risk management: threat modeling, vulnerability management, and remediation tracking.

Incident management: detection, response coordination, and root-cause analysis.

Technical security: identity and access management, network security, endpoint security, and cloud security fundamentals.

Compliance: familiarity with standards such as ISO 27001, NIST, SOC 2, or equivalent.

Communication: clear stakeholder engagement, training delivery, and cross-functional collaboration.

“Do you want to make a difference and contribute to creating a better world? Are you interested in developing your skills and knowledge, while putting your ideals to work? Join us, we are a frontrunner in ethical banking and global impact investing, and we need people like you to make change happen.

We believe that money can change the world for the better. In fact, our organisation was founded on this belief. Our mission is to create a society that protects and promotes the quality of life of all its members with human dignity at its core.

Currently, we’re looking for an Information Security Officer.

How you will make a difference

You will help us to drive Triodos bank as a successful love brand, in its mission to ‘change finance and to finance change’, by

In this role:

Perform security risk assessments for new and existing applications, systems, and services
Review and interpret security certifications and assurance reports (ISO 27001, ISAE 3402, SOC 2 Type II)
Support security risk management for IT service providers
Collaborate with IT and business teams to integrate security requirements into projects
Contribute to security awareness initiatives
And more…

You will also have the opportunity to:

Participate in the development and review of security policies and procedures
Support incident response processes
Help improve security controls and tools
Stay informed about emerging threats and technologies (including AI and cloud security).

We will provide training and support to help you grow.

What you will bring

Your unique potential and your values matter to us most. We look for people who are self-aware and who think in a holistic way, always conscious of their impact on society, environment, and the economy.

To be successful in this role, you will:

have the ability to understand and analyse security standards like ISO 27001 certificates, assurance reports like ISAE 3402 SOC2 TYPE2, and so on
be able to capture the attention of bank staff; be an excellent communicator when advising, training and raising awareness among bank staff
Familiarity with incident response and risk assessment processes
the ability to understand internal clients and support them in achieving their objectives and meeting their needs by applying the necessary information security measures in every situation; to support the business, not to be an obstacle

Furthermore, it is expected that you will have:

Mandatory to reside in the Netherlands
At least 5 years of experience in a similar role
Hands-on experience in security risk assessment
Fluent in English
At least one recognized security certification (e.g., CISSP, CISM, ISO 27001 Lead Implementer,...)

Your future colleagues

You will join an enthusastic international team. We will tell you more about during the interview.

What we offer you

An inspiring work culture

The most important thing about working with us is that you are part of a community that is changing the world for the better. We are constantly improving our work culture to create conditions where every person can thrive, so you are able to:

find a sense of meaning in your work
create positive energy and impact with your co-workers
build mutual trust and respect in working relationships
enjoy fulfilment at a professional and personal level

A comfortable working environment

Our award-winning sustainable head office is based in Driebergen-Zeist, the Netherlands at the Reehorst Estate, just a 3 minutes’ walk from the train station. Combined with working from home, it is an inspiring place to work and connect with your colleagues.

And of course, great remuneration and working conditions

a salary appropriate to the position, our remuneration policy and your experience
an attractive pension policy
a mobility card (including free private travel)
flexible working hours and the opportunity to work from home
reimbursement of a company bicycle to the max of € 1,500
27 holiday days with a 36-hour working week, plus the option of buying 2 weeks of extra holiday days
extra leave to contribute to voluntary work
a range of education and training opportunities
the option to join our collective health insurance
a working from home allowance per home office day
suitable home office equipment up to € 750 every 5 years

Gerelateerde vacatures

Interesse in meer mogelijkheden? Bekijk deze vacatures binnen hetzelfde vakgebied. Wellicht zit jouw volgende uitdaging ertussen!

Cybersecurity & Networking specialist

Ministerie van Financiën

4.024 - 6.907

Medior, Senior

Den Haag

Als Cybersecurity & Networking specialist bij de Auditdienst Rijk analyseer en leid je onderzoeken naar digitale weerbaarheid: pentesten, red teaming, DigiD-assessments en IT-beveiligingsaudits. Je vertaalt bevindingen naar impact en handelingsperspectief.

Meer lezen Direct solliciteren

Specialist Ketenregie

PMT pensioenfonds Metaal & Techniek

Marktconform

Medior, Senior

Den Haag

Als Specialist Ketenregie bij PMT pensioenfonds Metaal & Techniek beheer je portefeuilles in interne beheersing, IT, informatiebeveiliging en kwaliteitsmanagement, en ondersteun je portfolio- en projectmanagement met planning, rapportages en stakeholdercommunicatie.

Meer lezen

Senior Risk Manager IT & Cyber

ABN AMRO Pensioenfonds

65.000 - 93.500

Medior

Amsterdam

Als Senior Risk Manager IT & Cyber bij ABN AMRO Pensioenfonds stel je risicokaders op, toets je beleid en IT-controls, breng je IT- en cyberdreigingen in kaart, beoordeel je incidentafhandeling...

Meer lezen Direct solliciteren

Manager Digital Service Act

Autoriteit Consument & Markt

6.640 - 9.310

Senior

Den Haag

Als Manager Digital Service Act bij ACM leid je een nieuw team en bouw je DSA-toezicht op: strategie en structuur neerzetten, compliance en systeemrisico’s bij online platforms aanpakken, en samenwerken...

Meer lezen Direct solliciteren

Finance

Business

Business Support

Technology

Hubs per Sector

Information Security Officer

Wat zegt itriskcarriere.nl over deze vacature?