Information Security Officer – 260512-VH-003

Information Security Officer – Common Ground

Location: Utrecht, Netherlands (Hybrid)
Hours per Week: 24 Hours
Start Date: 1 June 2026
Contract Duration: Until 31 January 2027
Education Required: University Degree (WO)
Language Requirement: Dutch (Minimum C1 Level)

Job Overview

We are seeking an experienced Information Security Officer (ISO) to support a Common Ground transformation program focused on secure, future-proof, and modular digital services within a government environment.

The role focuses on strengthening BIO2 compliance, security governance, and information security practices for a cloud-native Service Delivery Platform operating on Kubernetes-based infrastructure.

You will work closely with product leadership and multidisciplinary teams to develop security frameworks, governance models, and compliance-related deliverables.

Key Responsibilities

• Develop and maintain security governance frameworks for Common Ground initiatives
• Translate BIO2 measures into technical and organizational security controls
• Create and maintain detailed security documentation and manuals
• Advise on security aspects of existing and new projects
• Provide recommendations regarding logging, monitoring, and audit trails
• Define and advise on non-functional security requirements for suppliers and service providers
• Support implementation and expansion of security functions within teams and departments
• Ensure alignment with government security and privacy standards
• Collaborate with stakeholders across technical and governance domains

Deliverables

Security Manual

• Comprehensive security manual aligned with BIO2 requirements
• Translation of BIO2 controls into the Common Ground and Service Delivery Platform context

Policy & Advisory Products

• Security governance recommendations
• Advice on project security compliance
• Guidance on logging, monitoring, and auditing
• Supplier security requirement frameworks

Required Skills & Experience

• Minimum 8 years of experience as an Information Security Officer
• At least 3 years of experience within a Dutch municipality or similar government environment
• Minimum 3 years of experience implementing BIO/BIO2 frameworks
• Strong experience advising on information security and governance matters
• Knowledge and experience with:
  • DigiD framework
  • ENSIA
  • GDPR compliance
  • DPIAs and data processing agreements
• Experience setting up or expanding security functions within organizations
• Strong understanding of cloud-native and Kubernetes-based environments
• Excellent written and verbal communication skills in Dutch (C1 minimum)

Candidate Profile

• Self-managing and proactive
• Structured and organized in approach
• Strong stakeholder management skills
• Delivery and results focused
• Comfortable operating in complex governance environments

Work Environment

• Hybrid work model
• Minimum 1 day per week onsite in Utrecht
• Additional onsite presence may be required depending on project needs

Additional Information

• CVs must be submitted in PDF format and in Dutch
• Strong focus on collaboration, governance, compliance, and security delivery
• Inclusive and diverse working environment encouraged