Skip to content
MVPeople Group Logo
MVPeopleGroup
GRC & Compliance

Compliance Officer Privacy & Security

Noord HollandConsultancyHybridMedioroverheid
Apply nowAsk a question

About the assignment

A leading public sector organisation in Amsterdam is strengthening its information security maturity under the BIO (Baseline informatiebeveiliging Overheid). You join the Waste & Resources directorate to implement, monitor, and enforce security and privacy controls across operations handling sensitive waste stream data.

You operate as both coordinator and executor—bridging the gap between policy and practice. Your role ensures the directorate meets ISO 27001/2-based BIO requirements, manages vendor security assessments, and builds a culture of privacy awareness among staff.

You report progress to leadership and collaborate with specialist privacy and security teams across the municipal cluster to drive consistent solutions.

Your responsibilities

  • Lead BIO improvement plan implementation and report progress to leadership as liaison between operations and security teams
  • Advise the management team on priority security risks and concrete mitigation strategies
  • Conduct privacy awareness training and campaigns to embed security culture across the directorate
  • Monitor and maintain the risk register; track remediation measures executed by line departments
  • Design secure processes with business analysts, embedding security from inception
  • Assess application managers' compliance with BIO controls: logical access, change management, incident response
  • Evaluate and monitor security posture of contracted services; review new vendor security requirements
  • Coordinate with peer compliance officers across municipal directorates for aligned approaches

Tech Stack & Tools

Frameworks & Standards

BIO (Baseline informatiebeveiliging Overheid)ISO 27001:2022ISO 27002GDPR/AVG

Methodologies

Risk managementSecurity by designVendor risk assessmentPrivacy impact assessment

Certifications (preferred)

CISMISO 27001:2022 Lead AuditorCIPP/E

Must-haves

  • Minimum 2 years implementing, maintaining, and monitoring BIO or ISO 27001/2 security controls
  • Minimum 3 years managing privacy and security in IT/ICT projects with vendor oversight
  • Minimum 2 years experience with GDPR/AVG compliance and privacy regulations
  • HBO-level qualification (e.g., cybersecurity or equivalent professional experience)
  • Fluent in Dutch (written and spoken) for stakeholder communication and training delivery

Nice-to-haves

  • Hands-on experience with BIO at a Dutch public sector organisation
  • Track record presenting and training on privacy and security topics
  • CISM, ISO 27001 Lead Auditor, or equivalent certification

What we offer

  • High-impact role shaping security culture at municipal scale
  • Exposure to data-driven waste management and smart city initiatives
  • Collaboration with specialist privacy and security teams across government
  • Flexible contract (32–36 hours/week) with extension option from June 2026
  • Central Amsterdam location with excellent public transport access
  • Personal guidance from a dedicated MVPeople consultant who knows your niche

The process

1

Introduction

Phone call with your MVPeople consultant (within 24 hours)

2

Match & Brief

We discuss the assignment in detail and prepare you

3

Client meeting

Introduction to the client

4

Start

Contracting and onboarding

Details

Type

Consultancy

Location

Noord Holland

Work model

Hybrid

Level

Medior

Industry

overheid

Posted

6 May 2026

Contact

MVPeople Group

jobs@mvpeoplegroup.com
Apply nowMore information

Related vacancies

GRC & ComplianceConsultancy

NIS2 Policy Documentation Advisor

Den HaagHybrid
View vacancy
Privacy & DPOConsultancy

Senior Privacy Jurist

Den HaagHybrid
View vacancy
CISOConsultancy

Chief Information Security Officer (CISO)

Noord HollandHybrid
View vacancy
Apply now