Permanent employment
Bachelor (EQF 6), Master (EQF 7)
Apply before:
Hours p/wk:


Are you looking for a new challenge where you can be responsible for developing, defining and maintaining an international information security strategy and policy? Can you translate the risk and standards surrounding information security into pragmatic an effective solutions? Yes? Then Kiwa is looking for you as our chief information security offer (CISO) based in Rijswijk!


Job description

The chief information security officer at Kiwa defines and maintains the corporate information security policy and organizes and directs the information security of our international organization according to risk appetite and needs.

You use a risk management approach and take into account the information security threat picture, trends and organizational needs. You are responsible for controlling the international information security organization, determine the necessary resources and their use on concrete security measures. You initiate and coordinate the implementation of information security for the entire organization and supervise it. You ensure an appropriate level of information security and information security behavior in the organization, based on the needs and risk appetite of the organization. By internal and external stakeholders you are considered to be the expert in the field of information security.


You’re responsible for:

  • Drawing up, adjusting, renewing and revising information security policies and the resulting plans;
  • Setting up and maintaining the international information security organization;
  • Coordinating and advising on handling security incidents;
  • Alignment of information security with the Kiwa countries and business units;
  • Ensuring compliance with information security requirements;
  • Promoting information security awareness across the organization;
  • Advising and supervising information risk analyses;
  • Performing information security assessments and internal audits.

And realize:

  • Information security project portfolio;
  • Organization-wide information security activities and projects;
  • Monitoring the relevant risks to the organization;
  • Monitoring compliance with policies and laws and regulations;
  • Coordinated response to serious information security or ICT incidents;
  • Organization-wide guidelines, standards, methods and techniques for information security.

What do we expect from you in the position of Chief Information Security Officer?

As a chief information security officer, you are driven, independent and aim for the best results every day. You have a good eye for detail, work accurately and are a solid and valuable discussion partner for colleagues and customers. You provide (un)solicited advice, are service minded and have a strong sense of responsibility. You want to continuously develop yourself and use your knowledge, experience and skills to expertly inform and advise our (internal) customers.


Do you have the following profile?

  • Academic work and thinking level;
  • At least 5 years of work experience in the field of information security;
  • Relevant training as well as technical knowledge in the field of information security, demonstrable by certifications such as CISM, CISA, CISSP or SANS;
  • Experience in working in constantly changing international organizations;
  • Knowledge of risk management for information security;
  • Experience with incident management (CERT);
  • Experience with SOC/SIEM services, preferably based on Microsoft technology;
  • You have an excellent verbal and written command of the Dutch and English languages.


What can you expect from us?

Our employees are our most important asset. This is directly reflected in the attention we pay to our people and why we reward them with a good salary (in accordance with their knowledge and work experience), a year's contract (32 – 40 hours per week) with a view to permanent employment, 27 days of leave, 10 days of additional (ATV) leave, 8% holiday pay, a company car, an excellent pension scheme and a variable  bonus.

Where are you going to work?

In this role, you will be working within the Corporate ICT department with location Rijswijk,  although it is also possible, after the familiarisation period, to work from home or at another location. Occasional travel to the international Kiwa offices is also part of the function.

The Corporate ICT team consists of 36 enthusiastic, driven and skilled employees and there is a collegial and informal working atmosphere.