MVPeopleGroup
GRC & Compliance

Decentralised Information Security Officer (DISO) / Privacy & Security Officer

Stadsplateau 1, 3521 AZ Utrecht | Consultancy | Hybrid | Senior | Government

About the assignment

You join a leading organisation in the public sector at a critical moment. Citizens' personal data requires robust protection, and your role is to embed privacy and security into every service delivery process.

You'll work across decentralised teams, translating compliance requirements into practical security measures. You report on risk exposure to leadership and shape the security posture of an organisation serving thousands of residents.

Your responsibilities

  • Design and implement privacy-by-design principles across all digital services
  • Conduct Data Protection Impact Assessments (DPIA) and manage privacy risk registers
  • Develop and maintain information security policies aligned with GDPR and NIS2 requirements
  • Manage incident response protocols and coordinate breach notifications
  • Lead security awareness campaigns and train staff on data handling practices
  • Audit third-party vendor security controls and manage processor agreements
  • Monitor compliance with ISO 27001 and sector-specific security standards
  • Report security and privacy metrics to senior management and oversight bodies

Tech Stack & Tools

Platforms & Tooling

OneTrust, TrustArc, Collibra, ServiceNow, Splunk

Frameworks & Standards

GDPR, NIS2, ISO 27001, BIO 2.0, NIST CSF

Cloud & Infrastructure

Azure, Azure Sentinel

Methodologies

Privacy-by-Design, Risk-based approach, Secure Software Development Lifecycle (SSDLC)

Certifications (preferred)

CIPP/E (Certified Information Privacy Professional), CIPM (Certified Information Privacy Manager), CISM (Certified Information Security Manager)

Must-haves

  • 8+ years in information security, privacy, or compliance roles
  • Hands-on experience with GDPR compliance and data protection frameworks
  • Proven ability to develop and enforce security policies across organisations
  • Strong stakeholder management across technical and non-technical teams
  • Experience with privacy impact assessments and risk management methodologies

Nice-to-haves

  • Background in public sector security governance or critical infrastructure
  • Familiarity with NIS2 directive and BIO 2.0 requirements
  • Incident response and breach management experience

What we offer

  • Direct impact on protecting citizen privacy at scale
  • Leadership role with autonomy to shape security strategy
  • Opportunity to work with cross-functional teams and senior stakeholders
  • Support for professional certifications (CIPP/E, CISM)
  • Flexible working arrangements with hybrid options
  • Personal guidance from a dedicated MVPeople consultant who knows your niche

The process

  1. Introduction: Phone call with your MVPeople consultant (within 24 hours)
  2. Match & Brief: We discuss the assignment in detail and prepare you
  3. Client meeting: Introduction to the client
  4. Start: Contracting and onboarding

Details

  • Type: Consultancy
  • Location: Stadsplateau 1, 3521 AZ Utrecht
  • Work model: Hybrid
  • Level: Senior
  • Industry: Government
  • Posted: 16 March 2026

