Information Security Officer

Details

• Contract is for 6 months with potential for renewal.
• Position is 100% remote.
• Immediate start is preferred.
• Quarterly visits to client headquarters in EU zone expected

Introduction and Summary

We are looking for an Information Security Officer to join our clients team for an initial 6-month contract, with an immediate start and the flexibility to work 100% remotely. The ideal candidate will have a strong background in IT security, particularly within a multinational environment. Essential skills include excellent written and spoken communication in English, as well as robust interpersonal abilities.

Main Objectives

• Develop and Implement Security Policies: Design, review, and enforce security protocols and procedures in alignment with industry standards and regulations.
• Lead Incident Response: Coordinate and manage the investigation, resolution, and documentation of security incidents and breaches.
• Conduct Risk Assessments and Reviews: Perform regular vulnerability assessments, and internal security reviews to identify and mitigate risks.
• Manage Security Tools: Oversee the configuration and optimization of security systems, including firewalls, SIEM, IDS/IPS, and endpoint protection.
• Ensure Regulatory Compliance: Maintain compliance with frameworks like ISO 27001, NIST, and industry-specific regulations.
• Team Leadership and Training: Supervise junior security staff, provide guidance, and lead security awareness programs across the organization.

Basic Ability

• Communication
• Team player
• Getting things done
• Adaptability
• Critical thinking
• Desire to learn

Key Requirements

• Min. 3-5 years of experience in IT security.
• Strong interpersonal and communication skills.
• Experience in a compliance-focused environment such as finance, legal, or other regulated industries
• Experience with one or more compliance frameworks such as (ISO27001, ISO9001, NEN7510, ISAE3402).
• Proven ability to work in a multinational setting.

Knowledge

• Knowledge in performing risk and threat assessments, could be on a basic level
• Good knowledge of security frameworks and legislations (ISO27001, GDPR, NIST CSF, Cyber Essentials)

Nice to Haves

• Experience in the MedTech industry.
• Understanding of medical device regulations (MDR).
• Understanding of application security concepts
• Experience with security appliances