Information Security Officer

Jan 19, 2024
Rotterdam, Netherlands
... Not specified
... Senior
Full time
... Office work

The Information Security Officer (ISO) will be responsible for overseeing information security, cybersecurity and IT risk management programs based on industry-accepted information security and risk management frameworks, such as those from ISO 27001 and NIST-standards. The ISO works to improve the maturity level of information security, state of cybersecurity and IT risk best-practices across the company. The ISO is an integral part of the Security & Compliance team and reports directly to the Security & Compliance Manager.

Scope
The right candidate has an impeccable reputation and has no problem passing applicable background checks and providing the mandatory (Dutch) VOG-document as the candidate oversees an organization with multiple functional disciplines/occupations and may have to manage programs, regardless of size, that may have a critical impact on the company. Responsibility to formulate and administer policies and programs in all areas of Information security, including but not limited to human resources, development, project & service management and physical assets, and the ability to function with a high degree of autonomy. The Information Security Officer is accountable and the delivered work and leads our current certifications for ISO 27001 and NEN7510, including any future certifications. The ISO also negotiates and influences others to help them understand and accept new concepts, practices, and approaches in the field of information security.

Bachelor’s degree or equivalent in Computer Information Systems, Management Information Systems or Computer Science and a minimum of 3 years work experience in the same type of work and 3 years supervisory experience.

Knowledge, Skills, and Abilities

  • Knowledge and understanding of higher education, governmental agency or corporate/industry information security, governance, risk and compliance practices and standards. 
  • Knowledge of laws and regulations including but not limited to: GDPR (AVG), Network & Information Security Directive 2 (NIS2) & Digital Services Act (DSA).
  • Experience with development of educational programs in security awareness.
  • Excellent organizational and communication skills (both verbal and written).
  • Strong interpersonal skills and the ability to effectively communicate with a wide range of individuals and constituencies in a diverse community.
  • Knowledge of IT processes and controls and strong understanding of risk and control frameworks such as (COBIT, ISO, NIST, ITIL, PCI).
  • General knowledge of information security regulatory requirements and standards such as ISO 27001/2, ISO 9001, ISO 14001, SANS top 20 and NIST 800-53.
  • Team player, but still be self-managing with good time-management skills and be processoriented (a to z), including a sense of ownership.
  • Pride in your performance and understand how that impacts the company’s success.
  • Resident or existing ability to work in Canada (Montreal area) or the Netherlands (Rotterdam area).

Key Responsibilities

  • Takes ownership towards the continuous development, implementation and updates of security and privacy policies, standards, guidelines, baselines, processes, and procedures in compliance with local, state, and federal regulations and standards for I3D.net information systems in our High-Level Structure Document (HLS).
  • Be a sparring partner for your colleagues.
  • Review and maintain our certifications e.g., ISO 27001 and NEN 7510.
  • Proactive identification and mitigation of IT risks as well as responding to observations identified by third party auditors or examiners while assisting in the development of periodic reports and dashboards presenting the level of controls compliance and current IT risk posture.
  • Assist managers and staff with the audits and facilitate management response and remediation efforts. Ensure overall IT compliance with regulatory requirements through proactive planning and communication, ownership, and relationships.
  • Identify acceptable levels of residual risk and assist with action plans, policy, and procedural changes for risk mitigation. Provide strategic recommendations to key IT projects to help improve project results, quality of deliverables, risk optimization, security processes and compliance with regulations.
  • Facilitate information systems security management education and training in regulatory and industry standards for all I3D.net employees.
  • Collaborate with the Security Operations Center on security incidents and contribute to any investigations.
  • Ability to work with local, state, and federal authorities requiring information and reports on security incidents to include police or other law enforcement agencies.
  • Occasional travel to our other offices and owned datacenters may be required.

What does i3D.net offer you?

  • Dive in to the world of gaming and real time and engage with customers from all over the world. We have a diverse commercial team and value collaboration, diversity and entrepreneurship. With the team we organize drinks, dinners and events throughout the year.
  • A challenging and dynamic job in an international company
  • A competitive salary (depending on education, knowledge, and experience)
  • 25 vacation days (excluding national holidays)
  • Travel allowance & work-from-home budget
  • Collective pension scheme
  • All the hardware and software you need to perform, including a laptop
  • Career guidance including remuneration of relevant education, courses, and training
  • A modern office in a prime location with open workplaces
  • Free access to Ubisoft games through Ubisoft Connect
  • Free use of the in-house gym

i3D.net is an equal opportunity employer. At i3D.net, we believe in a fair and equal workplace for all and foster an environment that is inclusive as well as diverse. We do not discriminate based on color, race, religion, sexual orientation, gender (identity), age, mental or physical abilities, or other characteristics. We believe that employees thrive when they can be comfortable and be themselves! We encourage candidates to apply knowing that they will be considered solely on their merits and qualifications.

Disclaimer: The above statements are intended to describe the general nature and level of work. Employment offers are contingent upon a final candidate’s successful interviews with hiring manager, HR and other representatives of i3D.net and the completion of a background verification and a final determination by i3D.net that the information derived from the background verification does not disqualify the individual.