GRC & Compliance

Programmamanager Cybersecurity Strategie

Rotterdam, ZHConsultancyHybridLeadenergie

About the assignment

A leading organisation in energy infrastructure is executing a major resilience strategy approved in April 2026. You drive the programmatic realisation of two core themes: Digital Systems and Integrated Security. The challenge is substantial—geopolitical threats, regulatory pressure, and digitalisation demand structural defensive capability.

You operate from the Cybersecurity Strategy team, reporting to the CISO and coordinating with the Resilience Programme Manager. Your role is lightweight programme governance with real impact: you bring clarity, organise dependencies, facilitate critical decisions, and ensure measures move from planning to execution. The structure stays lean—no heavyweight programme bureaucracy.

Your responsibilities

Consolidate ongoing and planned initiatives into a coherent, integrated programme with clear sequencing
Design and operationalise lightweight governance, planning, and reporting structures for both themes
Explicitly surface choices, dependencies, and priorities to unblock decision-making
Mobilise core teams, identify impediments, and escalate blockers for removal
Lead implementation oversight for digital resilience measures including architecture alignment and vendor risk management
Strengthen and harmonise physical and digital security processes: monitoring, access control, screening, procurement
Prepare and guide critical decisions; serve as sparring partner for Corporate Cybersecurity leadership
Translate strategic objectives into clear, executable change narratives and establish 2027+ OKRs

Tech Stack & Tools

Frameworks & Standards

PDCA cycle (Plan-Do-Check-Act)COBIT governance controlsISO 27001 security managementCritical infrastructure resilience standards

Methodologies

Programme management (Agile/Waterfall hybrid)Stakeholder governance and decision facilitationRisk and dependency mappingOKR/KPI frameworks

Certifications (preferred)

PRINCE2 or equivalent programme management certification (preferred)CISM (preferred)Critical infrastructure security background (preferred)

Must-haves

10+ years programme management in complex, technical, regulated environments (ideally RWS, ProRail, NS, water boards, or port authorities)
Demonstrable cybersecurity, digital resilience, or integrated security programme experience
Proven governance and decision-making orchestration capability
IT/OT environment and critical infrastructure background
Political and executive sensitivity; comfort at board and management team level
Dutch fluency in speech and writing; WO (university) level thinking

Nice-to-haves

Experience in energy, water, or other vital infrastructure sectors
Background in regulatory compliance (NIS2, critical infrastructure directives)
Vendor risk and supply chain security management

What we offer

Shape cybersecurity strategy at a critical infrastructure organisation protecting the Netherlands
Lead a high-impact, time-bound programme with genuine executive visibility
Work directly with CISO and senior leadership on strategic cyber resilience
6-month engagement with extension option; competitive contract terms
Placement in Rotterdam with 2–3 days on-site weekly
Personal guidance from a dedicated MVPeople consultant who knows your niche

The process

Introduction

Phone call with your MVPeople consultant (within 24 hours)

Match & Brief

We discuss the assignment in detail and prepare you

Client meeting

Introduction to the client

Start

Contracting and onboarding

Details

Type

Consultancy

Location

Rotterdam, ZH

Work model

Hybrid

Level

Lead

Industry

energie

Posted

21 April 2026

Contact

MVPeople Group

jobs@mvpeoplegroup.com

Apply now More information

Related vacancies

IAM / IGAConsultancy