Skip to content
MVPeople Group Logo
MVPeopleGroup
GRC & Compliance

Decentralised Information Security Officer (DISO) / Privacy & Security Officer

Stadsplateau 1, 3521 AZ UtrechtConsultancyHybrideSenioroverheid
Reageer directStel een vraag

Over de opdracht

You join a leading organisation in the public sector at a critical moment. Citizens' personal data requires robust protection, and your role is to embed privacy and security into every service delivery process.

You'll work across decentralised teams, translating compliance requirements into practical security measures. You report on risk exposure to leadership and shape the security posture of an organisation serving thousands of residents.

Jouw werkzaamheden

  • Design and implement privacy-by-design principles across all digital services
  • Conduct Data Protection Impact Assessments (DPIA) and manage privacy risk registers
  • Develop and maintain information security policies aligned with GDPR and NIS2 requirements
  • Manage incident response protocols and coordinate breach notifications
  • Lead security awareness campaigns and train staff on data handling practices
  • Audit third-party vendor security controls and manage processor agreements
  • Monitor compliance with ISO 27001 and sector-specific security standards
  • Report security and privacy metrics to senior management and oversight bodies

Tech Stack & Tools

Platforms & Tooling

OneTrustTrustArcCollibraServiceNowSplunk

Frameworks & Standaarden

GDPRNIS2ISO 27001BIO 2.0NIST CSF

Cloud & Infrastructure

AzureAzure Sentinel

Methodieken

Privacy-by-DesignRisk-based approachSecure Software Development Lifecycle (SSDLC)

Certificeringen (pré)

CIPP/E (Certified Information Privacy Professional)CIPM (Certified Information Privacy Manager)CISM (Certified Information Security Manager)

Must-haves

  • 8+ years in information security, privacy, or compliance roles
  • Hands-on experience with GDPR compliance and data protection frameworks
  • Proven ability to develop and enforce security policies across organisations
  • Strong stakeholder management across technical and non-technical teams
  • Experience with privacy impact assessments and risk management methodologies

Nice-to-haves

  • Background in public sector security governance or critical infrastructure
  • Familiarity with NIS2 directive and BIO 2.0 requirements
  • Incident response and breach management experience

Wat wij bieden

  • Direct impact on protecting citizen privacy at scale
  • Leadership role with autonomy to shape security strategy
  • Opportunity to work with cross-functional teams and senior stakeholders
  • Support for professional certifications (CIPP/E, CISM)
  • Flexible working arrangements with hybrid options
  • Personal guidance from a dedicated MVPeople consultant who knows your niche

Het proces

1

Kennismaking

Telefonisch gesprek met je MVPeople consultant (binnen 24 uur)

2

Match & Brief

We bespreken de opdracht in detail en bereiden je voor

3

Klantgesprek

Introductie bij de opdrachtgever

4

Start

Contractering en onboarding

Details

Type

Consultancy

Locatie

Stadsplateau 1, 3521 AZ Utrecht

Werkmodel

Hybride

Niveau

Senior

Sector

overheid

Geplaatst

16 maart 2026

Contact

MVPeople Group

jobs@mvpeoplegroup.com
Reageer directMeer informatie

Vergelijkbare vacatures

GRC & ComplianceConsultancy

Projectleider Privacy & Security

Den Haag, ZHHybride
Bekijk vacature
GRC & ComplianceConsultancy

Information Security Officer (Security Office)

Zuid HollandHybride
Bekijk vacature
GRC & ComplianceConsultancy

Adviseur Informatiebeveiliging (IB)

ZH, NLHybride
Bekijk vacature
Reageer direct