Head of Information Security PwC NL

What does your work look like?

As the Head of Information Security you will lead the information security function of PwC Netherlands member firm to continue to drive the maturation of the information security risk posture based on global strategy, member firm business requirement and risk appetite. The position has a dual reporting line to both the PwC Europe Chief Information Security Officer (CISO) and the local Chief Risk Officer (CRO)

• 10 year(s) progressive professional experience in information security or related domains. A bachelor’s degree in a relevant discipline is preferred.

• Provides strategic direction for the development, implementation, and continuous improvement of the organization's information security program, aligned with global NIS strategy, business objectives and regulatory requirements.

• Demonstrates extensive knowledge of, and/or proven record of success in firm priorities, information security concepts, principles and standards and their application in a large enterprise environment, preferably in a multinational or global organization.

• Demonstrates thought leader-level knowledge and/or a proven record of success directing efforts in driving execution of strategic priorities.

• Proven ability to engage leadership and stakeholders to address challenges and drive positive outcomes

• Extensive experience in stakeholder management including and influencing others through leadership interactions across a broad structure to build and maintain relationships across a network to effectively deliver security activities.

• Proven record of managing multi-function relationships throughout major transformation and collaborating with multiple stakeholders across functional and technical skill sets to identify, build and maintain security capabilities or controls.

• Proven experience in coordinating Information Security Governance to reduce repeat findings, issues and drive process improvements

• Experience in maintaining ISO/IEC 27001 certification as part of the organization’s broader commitment to information security, compliance, and continual improvement

• Demonstrates strong understanding of and experience in supporting compliance with regulatory and legal requirements such as the General Data Protection Regulation (GDPR), the Network and Information Security Directive (NIS2) and the Digital Operational Resilience Act (DORA)

• Directs enterprise-wide security awareness and training programs to promote a strong security culture across all levels of the organization

• Oversees third-party risk management activities, ensuring adequate security controls are in place across the supply chain

• Proven leadership and people management skills, including team building, coaching, and development.

Does this describe you?

• Analytical: Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.

• Technical: Broad understanding of information security concepts, technologies, and the associated risk and compliance issues.

• Business: High level understanding of PwC’s business model, service offerings, and business operating environment as it pertains to the firm’s threat landscape. Ability to frame threats and exposures in a business context recognized by non-technical staff and executives.

• Domain landscape: Knowledge of information risk and compliance principles

• Communication: Ability to leverage business communication skills to inform, persuade, and teach stakeholders across a global network of member firms’ staff and leadership to enable effective information security activities and processes in line with the cyber readiness program

• Domain-specific certifications such as CISM, CCISO, CISA, CISSP aren’t a prerequisite however are well regarded.

• Fluency in English is required; fluency in Dutch is preferred

We believe in the power of an inclusive culture and we want everyone to feel free to be themselves. We offer access to a PwC global network, where you can exchange knowledge, ideas and questions with other professionals regarding other disciplines. We also offer you:

• Numerous training sessions and courses that contribute to your personal and professional development;

• An appropriate salary and extensive employment conditions, including a well-being budget. This is a personal annual budget of € 1.000 to spend on your health, for example on mindfulness, sport, lifestyle coachings & wellness;

• A fully equipped, ergonomic home office with a second monitor;

• A monthly internet allowance;

• A lease car/car allowance, laptop and iPhone;

• 30 (or 32) holiday days per year;

• Flexibility in working at the client, at home and at the office;

• The possibility, within standard working hours, of focusing on Corporate Responsibility, various networks, diversity, innovation and/or recruitment along with enjoyable informal activities and social parties.