Vacatures auditor

Do you want to make a real impact by keeping digital services safe and trusted as they grow worldwide? As our Security & Privacy Specialist, you will help shape the security and data protection practices that enable our products to reach millions of users across the world.

You will own and evolve our Information Security Management System (ISMS), turning it into a strategic enabler of trust, regulatory approval, and international expansion. From guiding long‑term governance to embedding risk management and compliance in daily operations, you make sure that security and privacy are at the heart of everything we do.

At OMRON Digital Health, you will play a central role in keeping our digital health solutions secure as we grow internationally. You will take full ownership of our ISMS and lead global compliance efforts supported by a network of local experts, ensuring that our products meet regulatory requirements and industry standards across regions worldwide, among which the EU, UK, USA, Japan and beyond. You will implement and maintain new security and privacy frameworks, oversee risk management processes and make sure operational security and third‑party assurance are consistently applied across all teams and systems.

In this role, you will work closely with teams across OMRON Digital Health, OMRON’s regional experts and OMRON Headquarters in Kyoto, to drive cross‑functional security and privacy initiatives and provide strategic guidance. You will ensure that security and privacy considerations are embedded in every decision, from global expansion projects to daily operations, helping us maintain a trusted environment for our users. By combining operational excellence with a strategic vision, you will enable Luscii to deliver safe, scalable and reliable digital health solutions that make a real difference for consumers, patients and healthcare providers worldwide.

What you will be doing, among other things:

• Own and evolve the ISMS: Build, maintain and continuously improve our Information Security Management System across the organization, ensuring audit readiness and leading internal and external audits, and recertifications.

• Monitor security and privacy risks: Define and track security & privacy KPIs, report on risks, conduct management reviews and maintain clear escalation structures.

• Drive international security and privacy strategy: Develop and execute compliance strategies for new and existing markets, aligning with OMRON’s global digital health portfolio including our B2C and B2B products and services.

• Implement frameworks such as SOC 2, NIST and US healthcare standards, as well as privacy regulations such as GDPR and HIPAA, and translate emerging regulations into scalable roadmaps.

• Manage operational security and risk: Guide company‑wide risk management, incident and vulnerability handling, business continuity testing, access control and secure development processes.

• Ensure third‑party and supply chain security: Design and operate scalable vendor risk processes, conduct assessments and due diligence, oversee ongoing monitoring and align contractual security and data protection requirements globally.

• Collaborate across functions: Work closely with product, engineering, privacy, regulatory and legal teams to embed security & privacy into all processes and initiatives.

• Provide internal guidance and representation: Advise common practice on cybersecurity posture and international readiness and represent OMRON Digital Health with auditors, customers, strategic partners and regulatory authorities.

Luscii is part of OMRON DH, a global leader in the field of clinically proven, innovative medical equipment for home health monitoring and treatment. In this specific position within OMRON DH/Luscii, you will become part of the Luscii organisation and focus on OMRON DH wide responsibilities and matters. Here, you can read more about how we’re working at Luscii and our Holacracy way of working. We at Luscii have been taking over the leadership of OMRON DH and will continue to expand the entire business under Luscii’s culture and ways of working.

Together, we are working on a mission to create space for care. Freedom, autonomy and ownership are of great importance in this. If you want to read more about the collaboration between Luscii and OMRON DH, click here. And if you want to read more about OMRON Connect, click here.

• Salary: € 6.100 - € 6.800 gross per month (based on 32 hours – that’s full‑time at Luscii).

• Remote‑first: Work from anywhere in The Netherlands. We stay connected through monthly in‑person team days called Assemblii.

• Flexible setup: Create your own ideal workspace. Whatever works best for you – we’ve got you covered here.

… probably doesn’t exist, but if you can tick most of the checkboxes below, please apply! We are looking for somebody who is comfortable in taking ownership and making well‑considered decisions independently. You enjoy the autonomy to shape your work and responsibilities, while actively seeking collaboration and alignment with others across different cultures.

You know when to step up, when to involve colleagues and when to move forward decisively. Working independently does not mean working in isolation for you. You feel at ease being both a self‑starter and a committed team player, contributing to shared goals while taking responsibility for your own domain. You value open communication, transparency, and mutual trust.

• At least 4+ years of experience in information security, ISMS ownership, or compliance leadership roles.

• Proven experience implementing and maintaining ISO 27001 and/or NEN 7510, and other international standards, for example UK Cyber Essentials and/or NHS DSPT.

• Familiarity with US healthcare security expectations (e.g., HIPAA‑aligned environments) or NIST‑based frameworks.

• Experience preparing organizations for additional international certifications (e.g., SOC 2 or similar).

• Experience implementing and maintaining compliance with international privacy frameworks, such as GDPR, and HIPAA.

• Hands‑on experience with third‑party risk management and supplier assurance.

• The ability to translate international regulatory complexity into practical, scalable operational controls.

• Has worked in an international environment before and has experience with both B2C and B2B business contexts, combining both technical and operational knowledge & experience.

Looking into certifications and training, it would be incredibly helpful if you’ve finished relevant certifications (e.g. ISO 27001 Lead Implementer/Auditor, CISSP, CISM or equivalents) at the time of your application. Willingness and ability to build a formal competence profile through targeted training and certification is expected.

Please elaborate about your own knowledge, background and fit with the role and its requirements itself in your motivational letter. We’d love to hear and read about your own perspective on a role as such.

Would you like more information? Feel free to contact our recruiter Björn Bogerd via bjorn@luscii.com.

We organise three interviews for each vacancy. It is an extensive process, but we want to ensure that there is a good fit in regards to a potential collaboration, our culture and our way of working. All interviews are conducted online and the entire procedure is planned in advance to keep momentum.