Information Security Specialist
Great company to work for!
Challenging role in an international working environment!
Over onze klant
SHV Holdings is the largest global family owned company of The Netherlands with different entities across the world.
Taken en verantwoordelijkheden
SHV Holdings is looking for an experienced Information Security Specialist to support the operational tactical design, implementation, operations and ongoing management of information security operations of the Information Security program as operated from the SHV Holdings headquarters in Utrecht. The role will report directly to the CISO and will have business interactions with key external vendors and suppliers and the Business Unit Information Security Officers located across the Group as required to effectively operate and support the SHV Holdings information security program.
Information Security Operations:
- Assist the CISO with Global and HQ level information security projects.
- Manage and operate technical security operations of the Group level infrastructure and global IT landscape (firewalls, VPN, O365, endpoint protection, IDS/IPS, SIEM, IAM, DLP, patch management, SSO, etc.)
- Supporting the operations provided by the managed security services provider (outsourced).
- Manage the SHV security training and awareness program.
- Manage and support the Security Incident Response process.
- Manage vulnerability scanning and pen testing activities for the Utrecht office and global systems.
- Create information security status and performance reporting.
Information Security Architecture and Program Design:
- Support the CISO with the development and implementation of formation security policies, procedures and guidelines.
- Assist in reviewing/redesigning internal processes and systems to ensure information confidentiality, integrity and availability.
- Assist with developing, documenting and implementing an ISMS based on ISO 27001 and the ISF standards of good practice.
Information Security Risk:
- Conduct information security risk assessments and maintain the information security risk and non-conformance registers ensuring that actions are completed by agreed target dates.
- Facilitate due diligence security assessments on potential and existing third party suppliers.
- Identify and implement security technologies and solutions in relation to identified business risk and in alignment with risk appetite.
- Manage Group level information security threats and vulnerabilities using the SHV Holdings information security risk framework.
Audit and Compliance:
- Conduct quarterly self-assessments to the SHV Holdings information security controls framework.
- Support the information security audit process.
- Assist the legal team with compliance efforts to ensure adherence to the SHV Privacy Codes, GDPR and local BU privacy legislation.
- Academic level education preferably in Information Security, IT or Business Administration.
- Relevant professional qualifications (i.e. SSCP, CISSP, CISM, CRISC) are desirable but not essential.
- Approximately 5+years working experience in Information Security with experience in supporting roles in IT or IT Audit considered an asset.
- Comfortable to work with management level.
- Strong experience with the design, implementation, operation and support of information security related technologies (i.e. firewalls, SIEM, endpoint protection, IAM, vulnerability scanning, etc.)
- Hands on experience working with business enabled information security processes such as risk management, penetration testing, business continuity, awareness training, CSIRT, IT audit, data privacy, policy development, etc.
- Strong experience with information security frameworks /standards (ISF, ISO 2700x, COBIT 4/5, NIST, CIS, etc.)
- Track record of working in an international corporate environment with other disciplines (Marketing, Sales, Customer Service, Operations, Finance, HR) .
- Experience with outsourced delivery, preferably including offshoring teams.
- Willing to travel internationally approximately 10%.
- Speaks and write fluently in English.
Good salary and secondary benefits and a great opportunity in a challenging and international working environment.