Medior Information Security Officer

Waar ben je naar op zoek?

We bieden je

• NS Business card, ook privé te gebruiken
• 13e maand en vakantiegeld
• 27 vakantiedagen en 1 Diversiteitsdag
• Hybride werken

Waarom Nationale-Nederlanden

• Support +20 miljoen klanten
• Sterk Nederlands merk
• Inclusieve werkgever
• Werken aan vitaal Nederland

Do you want to apply your information security knowledge and experience in a dynamic and growing environment where you can help us mitigate risks and stay in control?

What you are going to do

The NN Customer & Digital security team is looking for a medior information security officer who is able to take a proactive role in the management of information security risks in collaboration with the C&D Devops teams and product owners to help us stay in control.

Within C&D we have several teams, including end-to-end Devops teams. In this environment you are seen as the medior information security expert. As a medior Information Security Officer, you will advise and support teams in making risk assessments, help teams to mitigate the risks and to improve their security knowledge and posture. Reviewing and verifying if technical measures are implemented correctly and supporting the (Devops) teams to that end, is part of your responsibility.

Your role as team member of the C&D security team is to define, review and support implementing the standards and guidelines for a structured and well-aligned way of working for information security and compliance.

In this role you will be working with the second line, internal auditing and with the different C&D (Devops) teams on a wide variety of information security and compliance tasks, e.g. performing security reviews, threat modelling, provide information security advice, interpret vulnerabilities and assist in solving audit finding.

You help:

• Assess, review and report on the implementation of security controls based on our IT control framework (ITCF)
• Assist in the procedure of information risk assessments and create in control statements
• Verify whether control measures are properly set up, formulate recommendations for improvement, and be the point of contact in the event of audits
• Perform risk assessments on third party suppliers to ensure they meet our security requirements and the regulatory obligations
• Perform Threat Modelling and walk through vulnerabilities with teams and advise on solutions

What we offer you

NN invests in an inclusive, inspiring work environment and in skills and competences for the future. We match this with employee benefits that are in line with what is needed today and in the future. This way, we offer our employees the opportunity to get the best out of themselves. We offer you:

• Salary between €4,092 and €5,846 depending on your knowledge and experience
• 13th month and holiday allowance are paid with your monthly salary
• 27 vacation days for a 5-day working week and one Diversity Day
• A modern pension administered by BeFrank
• Plenty of training and learning opportunities
• NS Business Card 2nd class, which gives you unlimited travel, also privately. Do you prefer to travel with your own transport? Then you can declare the kilometers travelled
• Allowances for setting up your home office and for internet use

Who you are

We are looking for a candidate with at least 5 years of working experience as a security officer, preferably within the financial sector. A Bachelor or Master degree, preferably with additional certification such as a CISSP or CRISC. A person who understands information security control tracking, has experience with closing IT security audit findings, can perform security reviews and can consult Devops teams in the implementation of security measures preferably in cloud environments.

• Proactive, result-driven and able to set priorities and plan ahead
• Able to enter into a discussion with product owners regarding the design choices and integrity of the applications, identify risks, and give advice on appropriate solutions and measures
• Able to propagate and defend the agreed internal guidelines in the field of information security risk management
• Listen to the concerns and needs of the devops teams and guide them in achieving security goals
• A team player: you are supportive and flexible in picking up tasks when priorities change

Who you will work with

As a medior Information Security Officer, you will work within the Customer & Digital (C&D) business unit that focuses on all of NN's generic customer-oriented activities in the Netherlands.

For these activities, C&D is the connecting factor between the various business units, to ensure that the customer (private, business and intermediary) experiences us as one NN and always receives the optimal service. From a IT perspective this means we take care of all generic platforms and capabilities that are used within NN to service our customer. Such as the digital client portals, the app and the chat-bot solution.

The C&D Security team is a self-organising team of 5 security officers. A well-balanced team in experience, age and a variety of skills. People who interact daily, cooperate and support each other. We believe in continuous learning by coaching on the job, training and education. Our core values as a security team are: transparency, reliability, cooperation and evolving.

Bij NN geloven we dat onze kracht ligt in het omarmen van de volledige diversiteit van de mensheid. We erkennen en waarderen ieders uniciteit en bijdrage, wat ons in staat stelt om te groeien: als individu, als team en als organisatie.

Diversiteit, Gelijkheid en Inclusie zijn verankerd in onze cultuur, die wordt geleid door onze kernwaarden: care, clear en commit. Deze waarden helpen ons om een werkomgeving te creëren waarin iedereen zich welkom, gerespecteerd en trots voelt om deel van uit te maken.

Be you. You have our support.

Onze kantoren zijn 100% circulair gerenoveerd. Zero waste, maar zonder concessies te doen aan het ontwerp.

Onze in-house 'event space' is hét creatieve centrum voor het delen van kennis.

Bij NN werken we hybride. Samen met jouw team bepaal jij waar en wanneer je werkt.

'You Matter', dat is onze merkbelofte. Dit zie je terug in onze arbeidsvoorwaarden, communicatie en op kantoor.

Het kantoor is een ontmoetingsplek, met ruimte om te brainstormen en samen te werken.

Ons hoofdkantoor ter gelegenheid van het event: 'Den Haag Stad Escher' in 2023.

NN heeft een rijke historie, al meer dan 175 jaar. Wij delen dit graag met elkaar.

Wij geloven in de kracht van kunst en zijn trotse partner van het Mauritshuis.