
Information Security Officer – Security Governance & Compliance

Amsterdam, Consultancy, Hybrid, Senior, Government

About the assignment

You join a Security Office in transformation within a public sector organisation that is scaling its security governance capabilities. Your mission is to operationalise security policy across the entire organisation—moving from theoretical frameworks to practical, enforceable standards.

You'll be the bridge between executive leadership, security teams, and business units. You design and maintain the ISMS, lead compliance programs, and ensure that security-by-design becomes embedded in decision-making at every level. This is hands-on governance work with real organisational impact.

Your responsibilities

  • Design and maintain the Information Security Management System (ISMS) aligned with ISO 27001 and NIS2 requirements
  • Develop security policies, standards, and procedures that translate strategic direction into actionable controls
  • Advise business stakeholders on compliance obligations, risk appetite, and security implementation
  • Lead governance reviews, audit processes, and security assessments across the organisation
  • Manage the GRC process: document control, control mapping, exception handling, and continuous improvement
  • Embed security-by-design principles into procurement, project delivery, and operational processes
  • Report on security posture and compliance status to senior management and the board
  • Collaborate with Privacy, IT Risk, and other security functions to ensure cohesive governance

Tech Stack & Tools

Platforms & Tooling

ServiceNow GRC, Archer, OneTrust

Frameworks & Standards

ISO 27001, NIS2, DORA, BIO 2.0, COBIT

Methodologies

Risk-based governance, Control mapping and testing, Policy lifecycle management

Certifications (preferred)

CISA, CRISC, CISSP, CISM

Must-haves

  • 8+ years in security governance, GRC, or compliance roles
  • Deep knowledge of ISO 27001, NIS2, and public sector compliance requirements
  • Hands-on experience designing and operating an ISMS or GRC program
  • Proven ability to translate policy into practical control frameworks
  • Fluent in English; Dutch language skills are a strong advantage

Nice-to-haves

  • Experience with ServiceNow GRC or similar GRC platforms
  • Background in public sector or regulated industries
  • CISA or CRISC certification

What we offer

  • Shape security governance strategy in a transforming public sector organisation
  • Lead a high-impact Security Office with strategic visibility and board-level engagement
  • Work with modern GRC tooling and a collaborative, forward-thinking team
  • Competitive salary and comprehensive benefits package
  • Flexible working arrangements and professional development support
  • Personal guidance from a dedicated MVPeople consultant who knows your niche

The process

  1. Introduction: Phone call with your MVPeople consultant (within 24 hours)
  2. Match & Brief: We discuss the assignment in detail and prepare you
  3. Client meeting: Introduction to the client
  4. Start: Contracting and onboarding

Details

  • Type: Consultancy
  • Location: Amsterdam
  • Work model: Hybrid
  • Level: Senior
  • Industry: Government
  • Posted: 11 March 2026

