Information Security Officer GRC
Information Security Officer GRC
Job description
Are you a Security professional who wants to rise above yourself, in your profession and as a person? Do you want to be challenged every day? At the TU/e, scientists and students continuously create the unthinkable. The strength of the IT landscape is their key to success and, hence, so are you. These creative minds expect you to offer them a solution for tomorrow that doesn't exist today. Together we are building the high performance backbone that this epicenter of science and technology demands.
Information security is a high-priority topic at Eindhoven University of Technology. Our research (and other) data is as open as possible, and is protected where it needs to be confidential. The accountability lies with the management of the university, and each individual (student or staff) has their own role to play. Our Security Operations Team has advising, mitigating and auditing responsibilities. This team also translates our security guidelines to tactical and operational activities, and is responsible for analyses and emergency response.
The position
The two Information Security Officers GRC (Governance Risk Compliance) we are looking for are able to apply information security in all ICT domains, know how to perform a risk assessment and are able to audit the implementation and effectiveness of information security controls. One is therefore more a generalist, in the area of information security (people, process & technology) rather than a specialist within one specific domain. The other one can be more of a (technical) specialist as we want to also be able to provide a helping hand to the scientific departments to increase their security maturity. Understanding the organizational structure and processes of a university is therefore a preference.
Information security is a high-priority topic at Eindhoven University of Technology. Our research (and other) data is as open as possible, and is protected where it needs to be confidential. The accountability lies with the management of the university, and each individual (student or staff) has their own role to play. Our Security Operations Team has advising, mitigating and auditing responsibilities. This team also translates our security guidelines to tactical and operational activities, and is responsible for analyses and emergency response.
The position
The two Information Security Officers GRC (Governance Risk Compliance) we are looking for are able to apply information security in all ICT domains, know how to perform a risk assessment and are able to audit the implementation and effectiveness of information security controls. One is therefore more a generalist, in the area of information security (people, process & technology) rather than a specialist within one specific domain. The other one can be more of a (technical) specialist as we want to also be able to provide a helping hand to the scientific departments to increase their security maturity. Understanding the organizational structure and processes of a university is therefore a preference.
Specifications
- max. 38 hours per week
- Eindhoven View on Google Maps
:fill(white)/logos/tue-en-wide_acOLN2b.png)
Eindhoven University of Technology (TU/e)
Requirements
Who are you?
- Minimum education requirement is a Bachelor degree;
- You are familiar with international security standards, like ISO and NIST, and AVG/GDPR/CloudAct;
- You know Risk Management and how to perform risk assessments;
- You identify threats, risks and anticipate as well as contribute to the mitigation or prevention of threats and are making your colleagues more security aware in the process;
- You can advise on policy implementations and best practices;
- Formulating and maintaining information security processes and procedures and compile security reports for management;
- Experience with Agile Methodology and Scrum in particular is a plus;
- Ability to adapt to new technologies, in the field of security and pass on this knowledge;
- Excellent analytical skills and someone who thrives in a research environment;
- You are a team player, who likes to collaborate with colleagues;
- CISM, CISSP or SSCP certification is a plus;
- Having experience auditing IT systems, applications and processes on information security is a plus;
- You are analytical, have a proactive attitude and have extended problem solving skills;
- Strong written and oral communication in English, Dutch is a plus;
- Ability to communicate on all organizational levels.
Conditions of employment
An exciting position within an international yet personal university. You are right in the middle of the students, on a green campus within walking distance of the central station. We also offer you:
Here you can discover even more information about our conditions of employment. Build on your career at TU/e!
- A monthly salary of minimum € 3.226,- to maximum € 5.929,- for full-time employment, depending on your knowledge and experience (salary scale 10 or 11 collective labor agreement for Dutch Universities).
- In addition to vacation pay, also a structural end-of-year bonus of 8.3% (one extra month);
- A favorable arrangement for more holidays or a sabbatical;
- A selection model for additional fringe benefits;
- Working hours in consultation for an optimal work-life balance;
- Scope for your talent with advancement prospects and excellent development opportunities such as mentoring, workshops and coaching;
- Partially paid parental leave and reimbursement for commuting expenses, working from home and the internet;
- A generous employer contribution to the favorable ABP pension plan;
- Upon starting, we initially offer a one-year contract, with the prospect of indefinite employment thereafter.
Here you can discover even more information about our conditions of employment. Build on your career at TU/e!
Additional information
Do you recognize yourself in this profile and would you like to have more information about the function, please contact Ruud Vrijsen via r.p.j.vrijsen[at]tue.nl.
For other questions about conditions of employment contact internal Recruiter Rob van der Linden via r.m.e.v.d.linden[at]tue.nl or via tel. 06 39 58 22 73
Application
We look forward to receiving your application. Interested candidates are encouraged to apply using the 'apply now'-button.
(VOG) Screening of candidates is part of the selection procedure. If applicable, internal candidates will be given priority over external candidates in case of equal suitability.
For other questions about conditions of employment contact internal Recruiter Rob van der Linden via r.m.e.v.d.linden[at]tue.nl or via tel. 06 39 58 22 73
Application
We look forward to receiving your application. Interested candidates are encouraged to apply using the 'apply now'-button.
(VOG) Screening of candidates is part of the selection procedure. If applicable, internal candidates will be given priority over external candidates in case of equal suitability.
Specifications
- IT
- Engineering
- max. 38 hours per week
- Higher professional education
- V81.7065
Employer
Location
Interesting for you
Apply for this job
Apply for this job
This application process is managed by the employer (Eindhoven University of Technology (TU/e)). Please contact the employer for questions regarding your application.
Thank you for applying
Please contact the employer for questions regarding your application.
Tip: save this job as favorite in your AcademicTransfer account. This gives you an immediate overview and makes it easy to find the job later on. No account yet? Create it now and take advantage of other useful functionalities too!
Application procedure
Application procedure
Make sure to apply no later than 13 Dec 2023 23:59 (Europe/Amsterdam).