Skip to content
MVPeople Group Logo
MVPeopleGroup
GRC & Compliance

Information Security Officer – Security Governance & Compliance

AmsterdamConsultancyHybrideSenioroverheid
Reageer directStel een vraag

Over de opdracht

You join a Security Office in transformation within a public sector organisation that is scaling its security governance capabilities. Your mission is to operationalise security policy across the entire organisation—moving from theoretical frameworks to practical, enforceable standards.

You'll be the bridge between executive leadership, security teams, and business units. You design and maintain the ISMS, lead compliance programs, and ensure that security-by-design becomes embedded in decision-making at every level. This is hands-on governance work with real organisational impact.

Jouw werkzaamheden

  • Design and maintain the Information Security Management System (ISMS) aligned with ISO 27001 and NIS2 requirements
  • Develop security policies, standards, and procedures that translate strategic direction into actionable controls
  • Advise business stakeholders on compliance obligations, risk appetite, and security implementation
  • Lead governance reviews, audit processes, and security assessments across the organisation
  • Manage the GRC process: document control, control mapping, exception handling, and continuous improvement
  • Embed security-by-design principles into procurement, project delivery, and operational processes
  • Report on security posture and compliance status to senior management and the board
  • Collaborate with Privacy, IT Risk, and other security functions to ensure cohesive governance

Tech Stack & Tools

Platforms & Tooling

ServiceNow GRCArcherOneTrust

Frameworks & Standaarden

ISO 27001NIS2DORABIO 2.0COBIT

Methodieken

Risk-based governanceControl mapping and testingPolicy lifecycle management

Certificeringen (pré)

CISACRISCCISSPCISM

Must-haves

  • 8+ years in security governance, GRC, or compliance roles
  • Deep knowledge of ISO 27001, NIS2, and public sector compliance requirements
  • Hands-on experience designing and operating an ISMS or GRC program
  • Proven ability to translate policy into practical control frameworks
  • Fluent in English; Dutch language skills are a strong advantage

Nice-to-haves

  • Experience with ServiceNow GRC or similar GRC platforms
  • Background in public sector or regulated industries
  • CISA or CRISC certification

Wat wij bieden

  • Shape security governance strategy in a transforming public sector organisation
  • Lead a high-impact Security Office with strategic visibility and board-level engagement
  • Work with modern GRC tooling and a collaborative, forward-thinking team
  • Competitive salary and comprehensive benefits package
  • Flexible working arrangements and professional development support
  • Personal guidance from a dedicated MVPeople consultant who knows your niche

Het proces

1

Kennismaking

Telefonisch gesprek met je MVPeople consultant (binnen 24 uur)

2

Match & Brief

We bespreken de opdracht in detail en bereiden je voor

3

Klantgesprek

Introductie bij de opdrachtgever

4

Start

Contractering en onboarding

Details

Type

Consultancy

Locatie

Amsterdam

Werkmodel

Hybride

Niveau

Senior

Sector

overheid

Geplaatst

11 maart 2026

Contact

MVPeople Group

jobs@mvpeoplegroup.com
Reageer directMeer informatie

Vergelijkbare vacatures

GRC & ComplianceConsultancy

Projectleider Privacy & Security

Den Haag, ZHHybride
Bekijk vacature
GRC & ComplianceConsultancy

Information Security Officer (Security Office)

Zuid HollandHybride
Bekijk vacature
GRC & ComplianceConsultancy

Adviseur Informatiebeveiliging (IB)

ZH, NLHybride
Bekijk vacature
Reageer direct