Do you want to apply your information security knowledge and experience in a dynamic and growing environment where you can help us mitigate risks and stay in control?
What you are going to do
The NN Customer & Digital security team is looking for a medior information security officer who is able to take a proactive role in the management of information security risks in collaboration with the C&D Devops teams and product owners to help us stay in control.
Within C&D we have several teams, including end-to-end Devops teams. In this environment you are seen as the medior information security expert. As a medior Information Security Officer, you will advise and support teams in making risk assessments, help teams to mitigate the risks and to improve their security knowledge and posture. Reviewing and verifying if technical measures are implemented correctly and supporting the (Devops) teams to that end, is part of your responsibility.
Your role as team member of the C&D security team is to define, review and support implementing the standards and guidelines for a structured and well-aligned way of working for information security and compliance.
In this role you will be working with the second line, internal auditing and with the different C&D (Devops) teams on a wide variety of information security and compliance tasks, e.g. Performing security reviews, threat modelling, provide information security advice, interpret vulnerabilities and assist in solving audit finding.
You help:
- Assess, review and report on the implementation of security controls based on our IT control framework (ITCF)
- Assist in the procedure of information risk assessments and create in control statements
- Verify whether control measures are properly set up, formulate recommendations for im-provement, and be the point of contact in the event of audits
- Perform risk assessments on third party suppliers to ensure they meet our security require-ments and the regulatory obligations
- Perform Threat Modelling and walk through vulnerabilities with teams and advise on solutions
What we offer you
NN invests in an inclusive, inspiring work environment and in skills and competences for the future. We match this with employee benefits that are in line with what is needed today and in the future. This way, we offer our employees the opportunity to get the best out of themselves. We offer you:
- Salary between €4,092 and €5,846 depending on your knowledge and experience
- 13th month and holiday allowance are paid with your monthly salary
- 27 vacation days for a 5-day working week and one Diversity Day
- A modern pension administered by BeFrank
- Plenty of training and learning opportunities
- NS Business Card 2nd class, which gives you unlimited travel, also privately. Do you prefer to travel with your own transport? Then you can declare the kilometers travelled
- Allowances for setting up your home office and for internet use
Who you are
We are looking for a candidate with at least 5 years of working experience as a security officer, prefer-able within the financial sector. A Bachelor or Master degree, preferable with additional certification such as a CISSP or CRISC. A person who understand information security control tracking, has experience with closing IT security audit findings, can perform security reviews and can consult Devops teams in the implementation of security measures preferably in cloud environments.
- Proactive, result-driven and able to set priorities and plan ahead
- Able to enter into a discussion with product owners regarding the design choices and integrity of the applications, identify risks, and give advice on appropriate solutions and measures
- Able to propagate and defend the agreed internal guidelines in the field of information securi-ty risk management
- Listen to the concerns and needs of the devops teams and guide them in achieving security goals
- A team player: you are supportive and flexible in picking up tasks when priorities change
Who you will work with
As a medior Information Security Officer, you will work within the Customer & Digital (C&D) business unit that focuses on all of NN's generic customer-oriented activities in the Netherlands.
For these activities, C&D is the connecting factor between the various business units, to ensure that the customer (private, business and intermediary) experiences us as one NN and always receives the optimal service. From a IT perspective this means we take care of all generic platforms and capabilities that are used within NN to service our customer. Such as the digital client portals, the app and the chat-bot solution.
The C&D Security team is a self-organising team of 5 security officers. A well-balanced team in experience, age and a variety of skills. People who interact daily, cooperate and support each other. We believe in continuous learning by coaching on the job, training and education. Our core values as a security team are: transparency, reliability, cooperation and evolving.
Any questions?
Do you have any questions about the position or the process? Then contact Jarmo Fernhout (Talent Acquisition Specialist) via Jarmo.Fernhout@nn-group.com.