Junior/Medior Information Security Officer
Do you want to apply your information security knowledge and experience in a dynamic and growing environment where you can help us mitigate risks and maintain control?
What you are going to do
The NN Customer & Digital Security team is looking for a junior/medior information security officer who can take a proactive role in managing information security risks in collaboration with the C&D DevOps teams and product owners to help us stay in control. Within C&D, we have several teams, including end-to-end DevOps teams. In this environment, you will be regarded as the junior/medior information security expert.
As a junior/medior Information Security Officer, you will advise and support teams in conducting risk assessments, help teams mitigate risks, and enhance their security knowledge and posture. It is part of your responsibility to review and verify whether technical measures are implemented correctly and to support the (DevOps) teams in that regard.
Your role as a team member of the C&D Security team is to define, review, and support the implementation of standards and guidelines for a structured and well-aligned way of working to information security and compliance.
In this role, you will work with the second line, internal auditing, and various C&D (DevOps) teams on a wide range of information security and compliance tasks, such as conducting security reviews, threat modelling, providing information security advice, interpreting vulnerabilities, and assisting in resolving audit findings.
You will help to:
- Assess, review, and report on the implementation of security controls based on our IT control framework (ITCF)
- Assist in the process of conducting information risk assessments and create control statements
- Verify whether control measures are properly established, formulate recommendations for improvement, and serve as the point of contact during audits
- Perform risk assessments on third-party suppliers to ensure they meet our security requirements and regulatory obligations
- Conduct threat modelling, walk through vulnerabilities with teams, and provide advice on solutions
What we offer you
NN invests in an inclusive, inspiring work environment and in skills and competences for the future. We match this with employee benefits that are in line with what is needed today and in the future. This way, we offer our employees the opportunity to get the best out of themselves. We offer you:
- Salary between €4.324 and €5.765 based on a 40 hour workweek, depending on your knowledge and experience
- 13th month and holiday allowance are paid with your monthly salary
- 27 vacation days for a 5-day working week and three Diversity Days
- A modern pension administered by BeFrank
- Plenty of training and learning opportunities
- NS Business Card 2nd class, which gives you unlimited travel, also privately.
Do you prefer to travel with your own transport? Then you can declare the kilometers travelled - Allowances for setting up your home office and for internet use
Who you are
We are looking for a candidate with 3-5 years of working experience as a security officer, prefer-able within the financial sector. A relevant Bachelor’s or Master’s degree, such as computer science or a related field, preferably with additional certifications like CISSP or CRISC. A person who understands information security control tracking, has experience with closing IT security audit findings, can perform security reviews and can consult Devops teams in the implementation of security measures preferably in cloud environments.
- Proactive, result-driven and able to set priorities and plan ahead
- Able to enter into a discussion with product owners regarding the design choices and integrity of the applications, identify risks, and give advice on appropriate solutions and measures
- Able to propagate and defend the agreed internal guidelines in the field of information security risk management
- Listen to the concerns and needs of the devops teams and guide them in achieving security goals
- A team player: you are supportive and flexible in picking up tasks when priorities change
Who you will work with
You will be part of a fast-paced, ever-evolving environment where innovation, collaboration, and agility are crucial.
The C&D Security team is a self-organising team of 5 security officers. A well-balanced team in experience, age and a variety of skills. People who interact daily, cooperate and support each other. We believe in continuous learning by coaching on the job, training and education. Our core values as a security team are: transparency, reliability, cooperation and evolving.
Your approximately 90 C&D IT domain colleagues share a passion for technology and IT. The blend of different nationalities and levels of seniority ensures that everyone feels at home and can perform at their best. Our teams are characterized by their commitment, openness, and results-oriented approach. We work hard but also make time for fun.
C&D connects the Business Units of NN with our shared customers. This means that C&D IT is responsible for all generic digital platforms and capabilities used within NN to serve our customers. These key components support our digital client portals, apps, and AI/chatbot technology, enabling NN to deliver a digital, personalized, and relevant service offering to our customers.
NN aims to be an industry leader, recognized for its customer engagement, talented people, and contributions to society. As the world around us changes, what truly matters to people remains constant. We help people care for what matters most to them. The company is currently transitioning into a tech company with a strong focus on automation and creating the best digital products for our customers, making this the perfect moment to join and help shape that movement.
Any questions?
Do you have any questions about the position or the process? Then contact Jarmo Fernhout (Principal Talent Acquisition Specialist) via jarmo.fernhout@nn-group.com.
Bij NN geloven we dat onze kracht ligt in het omarmen van de volledige diversiteit van de mensheid. We erkennen en waarderen ieders uniciteit en bijdrage, wat ons in staat stelt om te groeien: als individu, als team en als organisatie.
Diversiteit, Gelijkheid en Inclusie zijn verankerd in onze cultuur, die wordt geleid door onze kernwaarden: care, clear en commit. Deze waarden helpen ons om een werkomgeving te creëren waarin iedereen zich welkom, gerespecteerd en trots voelt om deel van uit te maken.
Be you. You have our support.
