The NN Group IT Organization is looking for an information security officer who is able to take a proactive role in the management of information security risks. The ideal candidate should have a deep understanding of IT security and compliance methods, industry standards, and be proactive in adopting and implementing security practices and processes. Additionally, the candidate must be committed to staying up-to-date with security trends and advancements, and identifying opportunities for new initiatives that can lead to further enhancements.

What you’re going to do

In our organization all business units are responsible for ensuring the security of our IT-environment. As a member of the Security Consultancy & Assurance team, you will be focussing on the Group IT department. As a team, our biggest challenge lies in verifying and reviewing technical measures to ensure their correct implementation, while also providing advice and support to the devops teams. We must balance residual risk with the necessary measures and assist product owners and their teams in making informed decisions and supporting them in discussions with the Risk Management department. Our ongoing challenge is to optimize IT security procedures and processes, automate as much as possible to increase quality and reduce manual procedures.

Your responsibilities include:

Advising a wide variety of stakeholders (devops teams, management teams, contract managers, project managers, etc.) technically, content, and process-wise on how to implement the required security measures and minimise the risks within their domain
Working with the Security Consultancy & Assurance team on a wide variety of security and compliance tasks, e.g. periodically assessing the implementation of security controls within the Group IT departments, regulatory compliance reporting, reviewing security documentation, deep-dive asset reviews, threat modelling, provide IT security training and coaching, interpret vulnerabilities and security incidents on impact for services, supply chain security, etc.
Working in close cooperation with the devops infrastructure and application teams, Risk Management, as well as other security disciplines like our own Security Operation Center and Defensive security teams, to proactively identify the appropriate security measures and support devops teams to implement them

What we offer you

NN invests in an inclusive, inspiring work environment and in skills and competences for the future. We match this with employee benefits that are in line with what is needed today and in the future. This way, we offer our employees the opportunity to get the best out of themselves. We offer you:

Salary between €3.783 and €5.405, based on 36 hours and depending on your knowledge and experience
13th month and holiday allowance are paid with your monthly salary
27 vacation days for a 5-day working week and one Diversity Day
A modern pension administered by BeFrank
Plenty of training and learning opportunities
NS Business Card 2nd class, which gives you unlimited travel, also privately. Do you prefer to travel with your own transport? Then you can declare the kilometres travelled
Allowances for setting up your home office and for internet use

We work hybrid at NN. Together with your team, you decide where, how and when you work. The official location of this job is The Hague.

Who you are

Concise and eye for detail while keeping the overall picture and goal in mind
Clear communication style and being able to cooperate with people with various backgrounds
You are a team player: you are supportive and flexible in picking up tasks when priorities change
You are aware of your strengths and improvement areas and are consciously working on your personal development. In order to keep learning, you like to stay up-to-date with the latest developments within the security field
Skilled and experienced (+3 years) in IT and IT security, preferably educated as Bachelor or Master degree in IT (or other technical and/or security oriented study). Being SSCP or CISSP certified is an advantage. Security knowledge on applications, SAP and /or cloud is preferred

Who you will work with

The Security Consultancy & Assurance team is a well-balanced team in experience, background, age and a variety of skills, with intensive daily interaction, cooperation and supporting each other on difficult topics. We are very keen on keeping our environment secure and safe, continuous learning by coaching on the job and by training and education. And very important: having a lot of fun in working together and having regular team drinks, online pubquizes and social activities like a beach clean-up!

Any questions?

If you have any questions about the vacancy, you can reach out via phone or WhatsApp to Nicky Stalknecht, recruiter via +31 6 2342 1662.