
Information Security Officer - Amsterdam

Location: Western Europe > The Netherlands > Amsterdam
Work Type: Full Time

Responsibilities:

  • Ensure that our security and compliance accreditations (GDPR, PCI DSS, ISO 9001, ISO 27001 and ISAE 3402) are achieved and maintained.

  • Identify the associated compliance control gaps and oversee the documentation, implementation and testing of the entire compliance control portfolio

  • Develop and implement compliance control monitoring programs to ensure compliance-related risks are managed to the appropriate level of acceptable residual risk.

  • Implement and maintain a compliance issue management tracking and resolution process that will address known issues, according to severity and potential impact to the organisation.

  • Collaborate and closely work together with key internal departmental stakeholders such as Product, Engineering, IT Infrastructure and Finance to achieve and maintain our security and compliance accreditation.

  • Report the levels of compliance risk and control effectiveness to key stakeholders such as the Board, Suppliers, Legal management, Regulators, Internal/External auditors, etc.

  • Coordinate audit-related tasks such as ensuring the readiness of managers and their organisations for audit testing and facilitating the timely resolution of any audit findings.

  • Provide technological advice and insight on compliance requirements to non-IT leaders

  • Assist business and IT managers with the acquisition of tools and expertise to assist with compliance-related projects and initiatives.

  • Execute a compliance training and awareness program that periodically educates the requisite end-user community on the relevant compliance requirements, and certifies their adherence to the relevant compliance controls.

  • Assist in Business continuity planning and review

  • Execute security awareness trainings for all employees and secure coding training for all developers

You have:

  • Excellent understanding of information security concepts, protocols, industry best practices and strategies.

  • Experienced in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.

  • Strong analytical skills to analyse security requirements and relate them to appropriate security controls.

  • Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.

  • A strong understanding of the business impact of security tools, technologies and policies.

  • (In-depth) knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls.

  • Hands-on, able to see the holistic picture as well as being able to dive into the details / depth, and vice versa.

  • Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with all layers of the organisation.

  • Project management skills and Risk assessment.

  • The ability to work effectively together with internal key stakeholders.

  • Pro-active/self-starter, capable of working with minimal supervision.

  • Experience and/or a strong understanding of GDPR, and aware of the exceptions that can apply per PMG country.

  • Experience and/or an understanding of operating system internals and network protocols.

  • Experience and/or an understanding of application technology security testing.

  • Experience and/or an understanding of system technology security testing (vulnerability scanning and penetration testing).

Required Experience:

  • CISA, CISM and/or CISSP Certifications.

  • A minimum of five (5) years’ experience in an Information Security role.

  • A minimum of five (5) years of IT experience.

  • A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred.

  • Experienced with ISO 27001 and PCI-DSS.

 

Reference Number: 7682
Contact Details: keir@teampcn.com
Profession: Security > IT
Company: Payments and Cards Network
