Your Role
The person who runs ICT infrastructure and the person who independently tests whether ICT controls are working need to be different people. In this role you own the ISMS, carry ISO 27001 and DORA compliance forward, and serve as the independent challenge function for all ICT risk at Blockrise.
You will have direct access to the Board and to regulatory conversations. You are building the function with the right structural independence behind it.
What you'll do
- Own the ISMS. Maintain and develop Blockrise's Information Security Management System, keeping it current as the business scales and the regulatory environment evolves.
- Drive ISO 27001 certification. Manage ongoing compliance and audit readiness. Own the relationship with our external auditor and certification body.
- Implement DORA. Translate Articles 5-15 (ICT risk management), 23-25 (incident reporting), and 28-30 (third-party risk) into operational controls, documented evidence, and testing cycles.
- Define and enforce security policy. Own the policy framework across the organisation. Policies need to hold up under audit and in an actual incident.
- Oversee vulnerability management and penetration testing. Work with our IT team and external parties to ensure findings are tracked, prioritized, and remediated.
- Lead security incident response. Own the process from preparation through detection, containment, and regulatory reporting where.
- Manage third-party and cloud security risk. Assess and oversee the security posture of our GCP environment and critical outsourced service providers.
- Act as second-line challenge. Independently review, test, and verify that first-line ICT controls are operating as intended. Report findings without a filter.
- Report to the Board and regulators. Translate technical risk into plain business language. Represent security at senior and regulatory level.
- Keep the tooling stack current. Keep ICT Risk Management systems and endpoint protection current. Identify gaps and propose solutions.
What you bring
- 5 or more years in information security, with at least 2 years holding ISMS ownership or equivalent scope.
- Hands-on experience implementing or maintaining ISO 27001 certification. You were actively involved in running the programme, not supported it from the side.
- Solid working knowledge of DORA, specifically Articles and 28-30, with experience translating regulatory requirements into controls.
- Experience across vulnerability management, penetration testing oversight, and security incident response.
- A track units wanted exceptions and you had the authority to do it.
- Cloud security experience: GCP preferred; AWS or Azure acceptable.
- Familiarity with SIEM, vulnerability scanners, and endpoint protection; direct experience with Vanta and/or another ICT Risk Management System is a plus.
- -line independence requires and can explain why it matters to a CTO who currently holds both functions.
- Ability to communicate security risk in business terms to a Board and regulators. Comfort with both the numbers and the regulatory language.
- Strong written and spoken English. Dutch is a plus.
- CISSP, CISM, or ISO 27001 Lead Implementer/Auditor (preferred). CRISC is a bonus.
Nice to have
- Experience in financial services or in Bitcoin and digital asset businesses.
- Working knowledge of MiCAR and its operational resilience implications.
- Experience with regulatory audits run by DNB, AFM, or equivalent authorities.
- Third-party risk management in outsourced or cloud-first environments, particularly for critical service providers.
What we offer
- Competitive monthly salary of EUR 6.500 - 8.500, based on full-time employment, depending on your experience.
- Up to EUR 300 to invest in tools that improve your workflow (headphones, keyboards, etc.)
- Monthly Bitcoin pension of EUR 50
- 25 vacation days
- Option to participate in our share certificate program
- Travel reimbursement or NS Business Card for your commute
- Opportunities for hybrid work, though in-person collaboration is highly valued
- Paid training and learning resources to keep your skills sharp and up to date
- A fully stocked pantry and fridge at the office, with meals, snacks, and drinks included
- Discounted access to Urban Sports Club and LeaseBike plans
Contact Us
To apply, please fill in the form below. For questions about the job opening, your application, or Blockrise, please contact.
We expect to get back to you within one week. We consider every application regardless of your background and beliefs. After an introduction, an assignment may be part of the application process.
Please note that by submitting your application, Blockrise (in accordance with our Privacy Policy) obtains permission to request, store, and process your application data for the purpose of considering employment. We will delete your application data within 30 days when your application is no longer under consideration.
Unsolicited recruitment
We do not accept unsolicited CVs from recruiters or employment agencies. We will not consider or agree to payment of any referral compensation or recruiter fee relating to unsolicited CVs.