MVPeople Group
GRC & Compliance

Information Security Officer – Security Office Lead

Zuid Holland, Consultancy, Hybrid, Senior, Government

About the assignment

You join a new security office within a leading organisation in the public sector. Your mission: translate security policy and frameworks into actionable governance for the organisation, manage the PDCA cycle (ISMS, GRC), and advise executive stakeholders on information security and privacy risks.

You work independently to embed security-by-design principles across all digital initiatives. You ensure technical solutions meet security and compliance requirements. You'll shape an emerging security function from the ground up—high impact, high autonomy.

Your responsibilities

  • Build and structure the security office, defining governance, roles, and compliance workflows
  • Translate security policy into practical frameworks aligned with NIS2, BIO2.0, and ISO 27001
  • Manage the PDCA cycle for the Information Security Management System (ISMS) and GRC processes
  • Advise senior leadership and governance bodies on security and privacy strategy
  • Integrate security-by-design principles into all digital initiatives and architecture decisions
  • Prepare and support external audits (ENSIA, ISO 27001 certification)
  • Drive GRC platform implementation and configuration (ServiceNow, Archer, or equivalent)

Tech Stack & Tools

Platforms & Tooling

ServiceNow GRC, Archer, OneTrust

Frameworks & Standards

ISO 27001, NIS2, BIO2.0, ISMS, PDCA, NIST Cybersecurity Framework

Cloud & Infrastructure

AWS, Azure

Methodologies

Security-by-design, Risk-based approach, ENSIA audit preparation, Enterprise architecture

Certifications (preferred)

CISSP, CISM, CRISC, CISA, ISO 27001 Lead Auditor, TOGAF, ArchiMate Practitioner

Must-haves

  • Bachelor's or Master's degree in IT, Computer Science, Cybersecurity, or related field
  • At least 5 years in IT security, architecture, or risk management in government or financial services
  • At least 3 years implementing NIS2, BIO2.0, or ISMS frameworks
  • Fluent in Dutch and English (C1 level) for cross-functional communication
  • Current certification: CISSP, CISM, CRISC, CISA, or ISO 27001 Lead Auditor/Implementer
  • At least 2 years in second-line management within government or large public organisations

Nice-to-haves

  • Experience with GRC platforms (ServiceNow, Archer)
  • Knowledge of technical and security architecture principles (TOGAF, ArchiMate)
  • Cloud certifications (AWS Security Specialty, AZ-500, CCSK)
  • Hands-on audit preparation experience (ENSIA, ISO 27001)

What we offer

  • Build security governance from the ground up with full autonomy
  • Work with cutting-edge GRC and ISMS frameworks at government scale
  • Shape security strategy for a critical national organisation
  • Collaborate with executive stakeholders on high-impact initiatives
  • Competitive package aligned with public sector standards
  • Personal guidance from a dedicated MVPeople consultant who knows your niche

The process

  1. Introduction: Phone call with your MVPeople consultant (within 24 hours)
  2. Match & Brief: We discuss the assignment in detail and prepare you
  3. Client meeting: Introduction to the client
  4. Start: Contracting and onboarding

Details

  • Type: Consultancy
  • Location: Zuid Holland
  • Work model: Hybrid
  • Level: Senior
  • Industry: Government
  • Posted: 25 March 2026

