Processing personal data is an important part of our business. Are you the one to keep us safe from all the security and cyber risks that are happening today?
Are you the expert who will help us meet all the process and quality requirements our international clients demand from our software solutions, and keep us compliant with all international laws regarding security guidelines?
Are you able to maintain our ISAE 3402 standard and elaborate security demands when this is appropriate?
Your job @ FRISS
Your mission as Security Officer is to make sure that everything we do as a company is secure and compliant with existing laws and regulations, and that the security guidelines are enforced to deliver the best possible FRISS Score. You will create and uphold awareness amongst our customers and partners of the risks that we are facing. You make sure that we are always in control.
You are actively involved in the workplace with the entire FRISS team. You dare to ask critical questions and are able to create cohesion so that everyone looks in the same direction at the end of the day.
You are a member of the Security & Compliance Team, and are able to align business needs with security best practices. You’ll work closely with the other team members, namely our Data Protection Officer and Security Engineer.
- Execute topics on the security roadmap
- Author of security guidelines and procedures that need to be enforced in the company
- Regularly check the execution of existing controls and processes
- Create and uphold awareness amongst employees and partners on security issues
- Uphold and renew ISAE 3402
- Audit our partners on SOC2 and ISO27X
- Communicate and interact with customers on security topics and assessments
- Support compliance related topics such as vendor due diligence
- Collaborate closely with our contract manager on legal issues.
- High drive and energy
- Excellent communication skills
- Competences: integrity, independent, quality-orientated, hands-on, team player
- 1-3 years' experience as Security Officer, preferably in the field of insurance or ICT
- Active knowledge in the field of risk management: ISAE 3402 (SOC2 and ISO 27001 are a plus)
- Active knowledge of international security (and privacy) directions (EU and beyond)
- Familiar with system auditing practices in the software business
- Preferably one or more relevant business certifications (CISSP, CISA, CDCP, CIPM)
- At least Bachelor level, e.g. BSc of (Business) Informatics
- You are fluent in English. Additionally, Dutch is a plus.
Salary and benefits
Our remuneration and compensation reflect the qualifications of the candidate and the results achieved. If you’d prefer to work part time, this is possible in this role (32-36 hrs).