Information Security and Risk Consultant
Secura is an independent, specialized security expert company. Our mission is to provide insights into our customers’ security. Secura provides security advice, training, audit, testing and certification services for our customers. We approach security by addressing people, process and technology. We are active in four sectors: Finance, Critical Infra, Public and Technology. We currently have a team of around 70 employees (of which> 75% are security experts). We work for reputable customers.
Are you an Information Security & Risk Consultant with relevant experience and a passion for Digital Security? Do you understand the true value of information and the risks if this information is not properly protected? Are you able to look at any business with a "risk approach"? Are you challenged by developing solutions for clients for the various security issues and train your customers on security awareness? Do you have a professional-critical attitude towards security measures? Do you have some experience with IT audits in the field of information security? Do you know the specific points of interest regarding cloud security and cybersecurity? If so, we are looking for you!
We are looking for an Information Security & Risk Consultant with a security mindset in the field of information security to expand our team in Eindhoven or Amsterdam.
As an Information Security & Risk Consultant at Secura, you perform risk analysis, audits and you provide advice, training and assistance related to information security, privacy and related security standards. You will work for government institutions, (listed) multinationals, financial institutions and other types of organizations. Within Secura, the Information Security & Risk Consultant plays an important role with a focus on organization, process and people, in combination with the technical depth of the projects that Secura delivers to its customers. In this position, you will have many opportunities to deal with the latest developments and threats in cyber security.
As an Information Security & Risk Consultant, you know how to make a concise analysis and how to provide concrete security advice in complex organizational situations. You analyse risks and perform audits to make this advice. You are capable to understand the complex environments of your clients based on your technical knowledge and analytical skills. You stay up-to-date with the latest developments and threats in IT security and you are familiar with politics. We are proud to work for players with high social impact.
As an Information Security & Risk Consultant you are:
- Performing information security projects for customers as part of a team as well as independently.
- Providing written reports, both in English and Dutch.
- Solution-oriented thinking and interacting.
- Working continuously on your personal development by learning-on-the-job, following training courses and events.
- Conducting audits in the field of information security and compliance for customers.
- Actively contributing to the planning phase with regards to scoping, risk analysis and
determining the control approach.
- Pro-actively collaborating with mediors and seniors (and RE) on the approach and the operational (audit) work carried out in response to findings.
- Following audit standards to perform and document the work, and following up the review points.
- Making the projects run efficiently in collaboration with the client.
- Contributing to the further development of tooling, templates and standards.
You are an Information Security & Risk Consultant with:
- A completed Bachelor’s or Master’s degree in Business Informatics or Security Management.
- Preferably in possession of (one of) the following certifications: ISO 27001 lead implementer, ISO 27001 lead auditor, CISSP (ISC), CCSP (ISC), CSSLP (ISC), CISM (ISACA), CSX (ISACA), CGEIT (ISACA) and CCSK (CSA) or willing to acquire.
- The necessary knowledge of important frameworks for information security such as NIST, CSA, ISO, COSO, ISACA, PCI, ITIL (OGC).
- 3-8 years of relevant work experience.
- Knowledge and skills in project management, consulting and IT Security.
- Familiarity with risk analysis and capable to provide client-focused advice.
- Knowledge / experience in the field of testing (web) applications is an advantage.
- A supportive, proactive and positive personality and you know how to engage both your clients and colleagues.
- Excellent communications skills, both written and oral in Dutch and English.
- No 9 to 5 mentality and traveling to customers, including overnight stays, is not a problem for you.
What can we offer you?
In terms of content, we offer you a very diverse portfolio of customers and customer projects. We are an organization with a technical security heart and we provide high-quality services in the field of digital security. You will join a team of motivated specialists and knowledge exchange is our top priority. The informal work atmosphere and open workspaces in Amsterdam and Eindhoven are illustrative of our open and driven character.
Secura is a fast-growing company with ambition. You have the opportunity to grow and thus further shape your career in responsibility, visibility internally and externally as well as in following training and education.
A good salary is included in our terms and conditions of employment package as well as a bonus scheme, being able to purchase additional days off, flexible working from home, etc.
In short, a good basis for a conversation!
Are you the Information Security and Risk Consultant we are looking for?
We would like to receive your CV and motivation letter by mail via email@example.com.
Do you have questions? Contact one of our Corporate Recruiters by telephone +31 (0)40 23 77 990 or email firstname.lastname@example.org.
Pre-employment screening and a capacity test can be part of our recruitment process.