Information security officer grc (1.0 fte)

Information Security Officer GRC (1.0 FTE)

Functieomschrijving

Are you a Security professional who wants to rise above yourself, in your profession and as a person? Do you want to be challenged every day? At the TU/e, scientists and students continuously create the unthinkable. The strength of the IT landscape is their key to success and, hence, so are you. These creative minds expect you to offer them a solution for tomorrow that does not exist today. Together we are building the high-performance backbone that this epicenter of science and technology demands.

Information security is a high-priority topic at Eindhoven University of Technology. Our research (and other) data is as open as possible and is protected where it needs to be confidential. Accountability lies with the management of the university, and everyone (student or staff) has their own role to play. Our Governance, Risk and Compliancy (GRC) Team has advising, mitigating, and auditing responsibilities. This team also translates our security guidelines to tactical and operational activities.

The position

We are a team of three looking for an Information Security Officer GRC (Governance Risk Compliance). You can apply information security in all ICT domains, know how to perform a risk assessment and are able to audit the implementation and effectiveness of information security controls and define compensating controls when gaps are identified, based on the NBA audit framework. You are a (technical) specialist, as we want to also be able to provide a helping hand to the scientific departments to increase their security maturity. Understanding the organizational structure and processes of a university is therefore a preference.
We report to various (levels of) stakeholders from the executive board to managing directors, product teams and the CISO and everything in between.

Functie-eisen

• Minimum education requirement is a Bachelor degree.
• You are familiar with international security standards, like ISO and NIST, and AVG/GDPR/CLOUD Act.
• You know Risk Management and how to perform risk assessments.
• You identify threats, risks and anticipate as well as contribute to the mitigation or prevention of threats and are making your colleagues more security aware in the process.
• You can advise on policy implementations and best practices..
• Formulating and maintaining information security processes and procedures and compile security reports for management.
• Experience with Agile Methodology and Scrum in particular is a plus.
• Ability to adapt to new technologies, in the field of security and pass on this knowledge.
• Excellent analytical skills and someone who thrives in a research environment.
• You are a team player, who likes to collaborate with colleagues.
• CISM, CISSP or SSCP certification is a plus.
• Having experience auditing IT systems, applications and processes on information security is a plus.
• You are analytical, have a proactive attitude and have extended problem solving skills.
• Strong written and oral communication in both English and Dutch.
• Ability to communicate on all organizational levels.

Arbeidsvoorwaarden

An exciting position within an international yet personal university. You are right in the middle of the students, on a green campus within walking distance of the central station. We also offer you:

• A monthly salary of minimum €3.378,- to maximum € 6.209,- for full-time employment, depending on your knowledge and experience (salary scale 10 or 11 collective labor agreement for Dutch Universities).
• In addition to vacation pay, also a structural end-of-year bonus of 8.3% (one extra month).
• A favorable arrangement for more holidays or a sabbatical.
• A selection model for additional fringe benefits.
• Working hours in consultation for an optimal work-life balance.
• Scope for your talent with advancement prospects and excellent

  development opportunities

  such as mentoring, workshops and coaching.
• Partially paid parental leave and reimbursement for commuting expenses, working from home and the internet.
• A generous employer contribution to the favorable ABP pension plan.
• Upon starting, we initially offer a one-year contract, with the prospect of indefinite employment thereafter.

. Build on your career at TU/e!

Informatie en sollicitatie

.

Interested candidates are encouraged to apply using the 'apply now'-button.
We look forward to receiving your application.

(VOG) Screening of candidates is part of the selection procedure. If applicable, internal candidates will be given priority over external candidates in case of equal suitability.