Senior Information Security Officer

Hybrid: from home and our office at Amsterdam Central Station

Salary: between 68,000 EUR to EUR 80,000 (before taxes) plus excellent secondary benefits (see below)

Full-time: 37.5 hours per week 

IMPORTANT: you should be living in the Netherlands or willing to relocate

We are seeking an experienced Senior Information Security Officer who is passionate about supporting the well-being of the Internet. In this role, you will take the lead in securing the RIPE NCC’s services and data, proactively addressing security challenges, and shaping the evolution of our security operations. As a trusted partner, you will collaborate with teams across the organisation to build resilient solutions that protect our digital ecosystem.

If you are motivated by solving complex security challenges and making a meaningful impact, we would be delighted to hear from you.

🧠 What you will be doing: 

• Security Governance: Contribute to the execution of the information security strategy. Establish and enforce security policies, procedures, and standards to mitigate risks.

• Security Reviews and Advisory: Perform regular security assessments and application security reviews to identify potential threats and weaknesses.  Effectively communicate security findings and work closely with various internal stakeholders to identify, advise, and implement security improvements. 

• Vulnerability Management and Testing: Identify, track, prioritize, and collaborate with technical teams to remediate vulnerabilities effectively. Perform testing to identify vulnerabilities and validate security controls.

• Security Incident Management: Lead security incident response efforts. Collaborate with internal teams and external partners for effective incident response and risk reduction.

• Training and awareness: Develop and deliver security awareness training programs for employees. Actively promote awareness of security practices. Act as a security advisor during product planning and development phases to balance usability, performance, and security.

Security Governance: Contribute to the execution of the information security strategy. Establish and enforce security policies, procedures, and standards to mitigate risks.

Security Reviews and Advisory: Perform regular security assessments and application security reviews to identify potential threats and weaknesses.  Effectively communicate security findings and work closely with various internal stakeholders to identify, advise, and implement security improvements. 

Vulnerability Management and Testing: Identify, track, prioritize, and collaborate with technical teams to remediate vulnerabilities effectively. Perform testing to identify vulnerabilities and validate security controls.

Security Incident Management: Lead security incident response efforts. Collaborate with internal teams and external partners for effective incident response and risk reduction.

Training and awareness: Develop and deliver security awareness training programs for employees. Actively promote awareness of security practices. Act as a security advisor during product planning and development phases to balance usability, performance, and security.