MVPeopleGroup
GRC & Compliance

Information Security Officer (ISO)

Drenthe · Consultancy · Hybrid · Senior · Other

About the assignment

You are responsible for establishing and maintaining the information security program within the organization. This includes developing security policies, managing compliance with ISO 27001 and relevant regulations, and ensuring security controls are embedded across all business functions.

You work closely with business leaders, IT teams, and external stakeholders to identify security risks, prioritize mitigation efforts, and ensure continuity of security practices. Your role bridges governance, risk, and compliance—translating technical security into business outcomes.

Your responsibilities

  • Develop and maintain information security policies, standards, and procedures aligned with ISO 27001 and organizational objectives
  • Conduct risk assessments and implement security controls to reduce organizational exposure
  • Manage compliance with internal and external security requirements, including audits and certifications
  • Lead security awareness and training initiatives to embed security culture across the business
  • Monitor and report on security metrics, KPIs, and incidents to the board and senior management
  • Collaborate with IT, operations, and business units to integrate security into new projects and systems
  • Establish incident response and business continuity plans, testing and updating them regularly
  • Manage relationships with external parties including auditors, consultants, and regulators

Tech Stack & Tools

Platforms & Tooling

ServiceNow GRC, OneTrust, Archer

Frameworks & Standards

ISO 27001, ISO 27002, NIST Cybersecurity Framework, COBIT, NIS2, DORA

Cloud & Infrastructure

Azure, AWS

Methodologies

Risk management (ISO 31000), Business continuity planning, Incident management, Compliance auditing

Certifications (preferred)

CISM, CISSP, CISA, ISO 27001 Lead Auditor

Must-haves

  • 7+ years in information security, GRC, or compliance roles
  • Deep knowledge of ISO 27001 and experience implementing security management systems
  • Understanding of risk management, governance, and compliance frameworks
  • Proven ability to communicate security concepts to non-technical stakeholders
  • Experience managing security policies, controls, and compliance reporting
  • Strong project management and stakeholder engagement skills

Nice-to-haves

  • CISM, CISSP, or CISA certification
  • Experience with GRC tools such as ServiceNow or Archer
  • Familiarity with NIS2, DORA, or industry-specific regulations
  • Background in audit or internal controls

What we offer

  • Strategic role with direct influence on organizational security posture
  • Opportunity to build and lead a security function from the ground up
  • Exposure to board-level discussions and enterprise risk management
  • Professional development in governance and compliance certifications
  • Collaborative environment with cross-functional teams
  • Personal guidance from a dedicated MVPeople consultant who knows your niche

The process

  1. Introduction: Phone call with your MVPeople consultant (within 24 hours)
  2. Match & Brief: We discuss the assignment in detail and prepare you
  3. Client meeting: Introduction to the client
  4. Start: Contracting and onboarding

Details

  • Type: Consultancy
  • Location: Drenthe
  • Work model: Hybrid
  • Level: Senior
  • Industry: Other
  • Posted: 1 June 2026

