Business Information Security Officer

What are you going to do?

You will help to maintain and improve the Group ISMS and oversee the development, implementation, and maintenance of information security policies, risk management processes, and compliance initiatives throughout the whole organization. You will also need to maintain and improve the Group Information Security Governance framework, ensuring alignment with the organization's overall governance structure. You will closely work with Chief information security officer, Privacy Officer and senior management to establish and monitor information security policies, procedures, and standards. You will therefore facilitate regular security governance meetings and provide updates to senior management.

Further responsibilities are:

• Identify, assess, and prioritize information security risks.
• Develop and manage the risk management program, including risk assessment methodologies and risk treatment plans.
• Ensure compliance with internal policies, regulations, and industry standards (e.g. ISO 27001, NEN 7510, PCI DSS).
• Develop and maintain information security compliance policies, procedures, and controls.
• Coordinate and oversee information security compliance audits and assessments.
• Keep abreast of regulatory changes and update information security compliance programs accordingly.
• Develop and manage a central information security policy framework.
• Detect and suggest improvements in Mediq Group policies.

What is your background?

• Bachelor's degree in Information Security, Cybersecurity or a related field
• Relevant professional certifications, such as CISSP, CRISC, CISM
• Excellent communication and negotiation skills.
• Strong knowledge of information security governance, risk management, and compliance principles, practices, and regulations.
• Analytical skills, problem-solving abilities and have a pragmatic attitude.