Information Security Officer (ISO)

Your role
The Information Security Officer provide expertise support and guidance to all teams at SNV on implementing maintaining and reporting on information security posture around confidentiality integrity and availability. The ISO will function within the context of SNVs comprehensive Information Security Governance Framework which includes maintaining a robust Information Security Management System (ISMS) based on industry standards such as ISO/IEC 27001.

This is a new position within a newly established information security organization at SNV reflecting the organisations commitment to enhancing its security posture. The ISO will support the Global Information Security Officer (GISO) in executing the information security strategy and will deeply collaborate with the country teams and the various global teams to conduct risk assessments propose and implement measures in line with the Information Security policy and support in manage information security incidents. This role is pivotal in fostering a culture of information security awareness and ensuring that SNVs information security measures are aligned with its strategic goals and regulatory requirements.

The Information Security Officer reports to the Global Head of ICT and has a functional reporting line to the Global Information Security officer (GISO). It is the intend that over time the ISO will grow into the GISO role. The GISO role is currently fulfilled on a part-time basis by an expert consultant.

Context of the role
SNV has set out a strategy to further mature its information security function. With increasingly digitalized management across all SNVs operations it becomes crucial to ensure there is full control over all our digital assets and information. This is especially relevant as SNV works and collaborates with many partner and donor organizations across all its projects which creates additional complexities in the landscape of information governance. Furthermore SNV will likely establish a multi-year Digital Transformation roadmap focusing on increased impact and operational excellence. This will require more robust and fully embedded information security practices in the organisation.

Key job responsibilities
The main responsibilities of the ISO are the following:

• Support in developing maintaining and implementing information security measures processes and procedures
• Support in preparing and conducting Business Impact Assessments and Risk Assessments
• Support GISO in preparing and executing the annual information security plan
• Respond to and manage information security incidents and breaches including conducting investigations and proposing and implementing corrective actions
• Support the GISO in ensuring compliance with relevant data protection laws and regulations
• Coaching and guiding of Information Security Ambassadors to ensure the ISAs are enabled to translate the information security policy and procedures into concrete measures that need to be implemented and embedded into the work processes of their respective team as well as support the ISAs in reporting back on information security posture of their team.
• Developing and maintaining guidance for SNV employees on how to put the information security policy into practice in day-to-day work.
• Be champion and go to person for information security related questions from the organization. Leverage the SNV Intranet to share guidance information.
• Expertise: Stay up to date with the latest security systems standards authentication protocols and products. Build and grow expertise through formal training and certifications as well as participating in information security related communities and events.
• Collaboration: Coordinate with technology and business teams to assess risk and stay abreast of cybersecurity threats
• Reporting: Review analyse and deliver reports on security incidents to senior management as well as overall state of information security against plan.

Qualifications :

To be considered for this role you will need: 

• Higher professional education or university level
• Understanding of ISO27K controls
• 2 to 3 years of experience in a (C)ISO role or a role that was exposed to information security aspects
• Experience with implementing information security measures and controls across an organisation; performing risk assessments and risk analyses methods
• Experience with providing coaching and guidance from an expertise role to people and teams
• Knowledge of general business management organisational governance systems and cybersecurity
• Solid understanding of the EU General Data Protection Regulation
• You take initiative and are creative in solving problems
• Ability to work with guide and foster productive collaboration with hybrid teams across the entire SNV organisation
• You are eager to help grow information security awareness and practices across the organisation
• You are willing to learn
• Willingness to travel a few times per year
• Strong oral and written communication skills in English
• Solid computer skills in MS-applications (Word Excel Outlook Powerpoint Internet etc.)

Additional Information :

Working for SNV 
We are home to 57 cultures working in over 20 countries with about 95% of our team members holding the nationality of the respective countries we work in. We promote (international) career development. Our workforce consists of a mix of both people with longstanding tenure willing to share their institutional knowledge as well as people with external backgrounds and experience. All with an inquisitive view and united in ONE SNV working towards our purpose. 

Together we are committed to the effective and efficient stewardship of resources and maximising positive lasting impacts. Our ability to deliver results rests on our robust foundation of experience technical knowledge evidence and learning; our commitment to strengthening capacities and catalysing partnerships; and the relationships and trust of those we work alongside. 

At SNV inclusivity is at the heart of our ethos. We celebrate the diversity of our workforce and uphold a policy of non-discrimination based on factors such as disability status religion ethnic origin gender sexual orientation and more. 

We offer a stimulating work environment opportunities to lead and innovate and a commitment to growing your skills in a fulfilling international working environment.  

Other Information

• Contract type: National employment contract - fulltime/40 hours a week. initial contract duration: 12 months  

• Duty station (hybrid work model): The Hague / The Netherlands 

• Expected start date: November 2025

How to Apply
If you meet the requirements and are excited about this opportunity we would love to hear from you. Apply today by uploading your CV and motivation letter by 6th of August at the latest. Applicants can expect to hear back from us regarding the status of their application by 8th of August 2025. 

Reference & Vetting Check
Potential candidates will be asked to provide the contact details of a person who is willing to act as a reference; this could be a university professor or a line manager from a previous job assignment.

SNV carries out rigorous background and reference checks concerning possible safeguarding incidents for all candidates applying for International determined positions. As SNV participates in the Inter-Agency Misconduct Disclosure Scheme all reference checks include a request to past employers to fill in a questionnaire regarding Misconduct (sexual exploitation sexual abuse or sexual harassment) the Statement of Conduct. This Statement of Conduct adopts the definitions used in the Scheme.