Cybersecurity Manager

DUTCH MANDATORY

Context

In a context where cyber threats are increasing and digital services are crucial, thoughtful cybersecurity makes the difference. At a leading social services organization, there is an active focus on secure systems, reliable data, and robust processes that protect the organization and its services.

The organization is seeking a Cybersecurity Manager to take on the role of CISO, providing organization-wide direction for cybersecurity policy and overseeing the management of digital risks and related reputation. In this strategic expert role, you combine policy insight with concrete impact. You work closely with ICT, data, management, and other partners, reporting directly to the Director of ICT, Data, and Strategic Projects (CIO).

As Cybersecurity Manager, you are responsible across the organization for developing, implementing, and monitoring the cybersecurity and information security policy. The focus is on governance, risk management, and awareness.

Missions

• Develop, update, and translate the cybersecurity and information security policy into clear frameworks, standards, and guidelines

• Work from a recognized framework (such as NIST) and systematically monitor the maturity of cybersecurity within the organization

• Initiate and lead cyber-related initiatives and improvement projects based on market insights, risk analyses, incidents, audits, and strategic priorities

• Manage the full risk management cycle from a reputation framework, including identification, protection, prevention, response, and recovery

• Monitor the incident response and crisis management framework for cyber and information security incidents and take a coordinating role during incidents and data breaches

• Identify, assess, and follow up on cyber risks organization-wide, with attention to continuity, compliance, and reputation

• Collaborate with ICT, data, legal, and other departments on cyber-relevant processes (such as change and run), focusing on governance and risk control

• Act as the substantive point of contact for internal and external audits and for cyber- and risk-related aspects within supplier and contract management

• Report and advise management and executives clearly on cyber risks, priorities, and developments

1. A master's degree, preferably in ICT or business administration, or equivalent level through relevant and demonstrable experience
2. Extensive knowledge of ICT risk management and cybersecurity, with good understanding of IT infrastructures, networks, cloud and data environments
3. Familiarity with risk management within IT and digital ecosystems, including 3rd party and supplier risks
4. Thorough knowledge of cyber and risk management frameworks (such as NIST) and ability to pragmatically apply them in an organizational context
5. Understanding of ICT service management and ITIL principles, especially related to change and run processes
6. Knowledge of relevant laws and regulations, such as the main lines of NIS2, and ability to translate their impact into policy and governance
7. Ability to analyze risks, weigh them, and provide clear and substantiated advice to management and directors
8. Fluent and convincing communication skills, both written and oral, with ability to facilitate collaboration and alignment