Senior Information Security Officer

Are you a seasoned Information Security professional with a passion for management systems and a keen eye for detail? We're looking for a Senior Information Security Officer.

In this position, you will be the driving force behind our compliance efforts, ensuring our information security, privacy, and quality standards are met, and continuously improved.

If you thrive on managing complex systems, leading audit processes, and fostering a culture of security awareness, this is the perfect opportunity for you!

Mendix – the leading low-code application development platform:

The Mendix Platform uses visual modeling to abstract long-form coding out of application development. Our customers use Mendix to create and deploy better software for the enterprise, faster. Mendix enables collaboration between business users and developers to work together throughout the development process.

Duties & Responsibilities

• Develop and maintain a sophisticated security, privacy and quality management system.
• Drive the strategic implementating and maturing of security controls in collaboration with stakeholders.
• Design, develop and deploy high-impact information security awareness.
• Orchestrate and lead end-to-end audit lifecycle management.
• Govern comprehensive documentation frameworks.
• Provide regular data-driven reporting on security status, emerging risks, key performance indicators, and strategic recommendations to inform critical decision-making.
• Cultivate and manage strategic partnerships with key vendors and internal stakeholders.
• Serve as trusted advisor to business units.

Qualifications

• 3-5 years experience in a position with significant information security responsibilities.
• Independent and active information security certification (e.g. CISM, CISSP, ISO 27001 Lead implementer) is required.
• Bachelor’s or Master’s degree in Computer Information Systems, Computer Science, Accounting, Information Systems, Computer Engineering, Industrial Engineering, or related program.

Required Experience & Skills

• Extensive experience with ISO 27001 and other relevant ISO standards (e.g., 27017, 27018, 42001, 27701, 22301, 9001).
• Demonstrated experience in successfully leading and managing audits.
• Proficiency with GRC tools for tracking and reporting.
• Deep understanding of information security principles, risk management, and compliance frameworks.
• Strong grasp of data protection regulations (e.g., GDPR, local privacy laws).
• Familiarity with various security technologies and best practices.
• Exceptional organizational skills and meticulous attention to detail.
• Strong project management abilities, capable of handling multiple priorities.
• Excellent written and verbal communication skills, with the ability to articulate complex security concepts to diverse audiences.
• Proven ability to collaborate effectively with internal teams, external auditors, and vendors.
• Analytical mindset with strong problem-solving capabilities.
• Ability to work independently and as a proactive team player.

If you see a job description and think, “I’d be perfect for that” but your experience doesn’t align perfectly with the qualifications – don’t let that hold you back. We’re always eager to hire talented, passionate candidates – so give it a try and apply.