Security Expert

As a seasoned security expert, you don’t just assess and manage security risks - you want to shape the future of secure digital transformation. With years of in-depth technical security experience, you have earned your credibility as an expert. You are now motivated to leverage that expertise, while at the same time operate at a higher, structural level. With your critical mindset and technical expertise, you empower our decentral security professionals and teams, influence decision-makers, and elevate security maturity across Engineering & Enterprise Tech, supporting 24 tribes and impacting 43,822 Rabobank colleagues worldwide.

You and your job

Shape and improve security maturity across Engineering & Enterprise Tech as a Security Expert. Operate at a more strategic, overarching level by analysing CISO priorities, challenging execution, improving processes and governance, and ensuring consistent security implementation across domains, while leveraging your strong technical background to guide and influence teams.

Your role

Engineering & Enterprise Tech (E&E Tech) is one of four Tech divisions within Rabobank’s CITO department, providing end-to-end IT services and innovation for customers, employees, and engineers. As the backbone of Rabobank’s IT landscape, E&E Tech supports both domestic and global operations across the full technology stack.

As a Security Expert in the E&E Tech Control Office Security, you act as a bridging advisor across domains. You discuss CISO priorities, assess standards, define requirements, and evaluate solutions to maintain and enhance Rabobank’s information security. From a central position, you collaborate closely with domain security colleagues, ensuring alignment in process execution, quality, and knowledge sharing. You are the go-to expert for Lead Security and decentral security professionals, driving maturity and cross-domain collaboration.

This is not a purely hands-on role, but a step above execution. You bring the technical depth to challenge teams, while focusing on improving processes, governance, culture, and overall security effectiveness across the organisation.

Are you a critical thinker with a passion for cyber security? Do you want to take ownership and make a difference? Can you translate complex challenges into practical solutions, oversee the bigger picture, and drive improvements across a large organisation? Then we’re looking for you.

What sets this role apart

This role goes beyond hands-on security: it’s an opportunity to strengthen security capability across E&E Tech and shape the future of cybersecurity within a large tech organisation. You operate at the intersection of strategy, engineering, and innovation, combining in-depth discussions with engineers with a focus on process improvements and responsibilities. You ensure security risk management processes run effectively, and that standards, assessments, and controls are applied consistently and with quality.

You also assess risks related to emerging technologies, including (gen) AI, translating innovation into practical security implementations to keep Rabobank ahead of evolving cyber threats. By leading by example, you educate teams and drive lasting improvements in how security is understood and applied.

In addition, you help facilitate the cross-domain security guild, fostering collaboration, continuous learning, and shared responsibility.

Practical examples

• Collaborate on new security standards and cyber priorities, ensuring translation into actionable requirements across multiple domains.
• Translate CISO cyber priorities into activities as part of the security program (XDAT).
• Provide input on in-control activities executed within E&E Tech and highlight attention points through the in-control meeting.
• Challenge security professionals and squads on adherence to security processes and quality standards.
• Drive improvements in governance, standardization, process execution, and actively facilitate cross-domain alignment within E&E Tech.

Key responsibilities

• Cross-domain alignment: Ensure security processes, controls, and assessments are consistently and effectively executed across domains. Bridge decentralized teams and the central CISO office on standards, high-risk findings, and cyber priorities.
• Security Enablement: Support decentral security professionals with security assessments, design reviews, and translating standards into actionable requirements by standardizing practices and knowledge.
• Security Culture Building: Participate in and help facilitate the E&E Tech security guild, promote best practices, and drive security maturity across domains.
• Advisory Role: Act as a sparring partner for Lead Security, domain security specialists, TCO, and DCOs on high-risk and strategic topics.
• Security Advocacy: Educate and raise awareness for E&E Tech on the “why” behind security - not just the “what.”

Your profile

• University degree in Computer Science or another relevant study
• Around 5–10 years of relevant experience in IT/security roles
• Deep expertise in information and cyber security (e.g., CISSP, CCSP and/or CISA)
• Solid knowledge of security engineering, including cloud (Azure/AWS), risk management, and compliance, as well as security risks related to (gen) AI
• Experience with assurance frameworks such as ISO27001, SOC2, and ISAE 3000
• Experience in governance, operating models, and process improvements
• Fluent in English; Dutch is a plus
• Team player and strong connector between the central team and decentralized execution
• Resilient, proactive, and motivated by challenge
• Excellent communicator, able to influence at all levels and drive accountability without hierarchy
• Thrives in a collaborative, fast-paced environment
• Strong ability to stand your ground and engage with senior stakeholders
• Eligible to work in the Netherlands