Information Security Officer

Location: Arnhem (Hybrid)
Hours: 36–40 per week
Start date: 1 September 2025
End date: 31 August 2026
Education: HBO (Bachelor's) or higher

Are you ready to help shape a resilient digital infrastructure for the energy transition? We’re looking for a skilled Information Security Officer who can strengthen business continuity and boost cybersecurity awareness across the organization. You'll act as a trusted advisor within the Business Technology Organisation (BTO), operating in the second line of defense.

You’ll play a key role in embedding security and resilience into daily operations, ensuring alignment with the corporate Information Security Management System (ISMS) and international standards.

Your responsibilities include:

• Advising IT teams and BTO stakeholders on business continuity and cybersecurity topics

• Developing and implementing strategies, policies and compliance structures for Business Continuity Management (BCM)

• Designing and rolling out cybersecurity awareness and training programs

• Promoting a strong security culture throughout the organization

• Supporting BCM activities such as risk assessments, testing, compliance reviews and reporting

• Aligning security practices with international standards like ISO 27001 and the corporate ISMS

• Collaborating with internal and external auditors and leading assurance efforts

• Coordinating internal communication around continuity and security topics

• Supporting leadership with clear, risk-based reporting and actionable insights

• Ensuring strong alignment between local practices and global security frameworks

Your profile:

• A completed HBO or university degree in Information Security, IT, Business Administration or a related field

• At least 5 years of hands-on experience in Business Continuity Management and cybersecurity awareness

• Proven ability to develop and deliver internal training and awareness programs

• Familiarity with standards and frameworks such as ISO 27001, NIST, COBIT, GDPR, ISO 31000 and ITIL 4

• Experience with cloud security, network security and Identity & Access Management (IAM)

• Relevant certifications such as CISSP, CISM, CRISC or CISA are a strong plus

• Excellent stakeholder management and communication skills

• Strong analytical and documentation capabilities

• Fluency in English is required; Dutch or German is a plus

• Willingness to work 2–3 days per week in Arnhem and travel to Germany once per quarter