Regional Information Security Officer
ERIKS is a specialized industrial service provider that offers a wide range of technical products, co-engineering and customization solutions, as well as related services. We help our customers optimize their manufacturing processes, reduce downtime, become more sustainable and innovate their products.
As a Regional Information Security Officer (RISO), you will be responsible for helping the central European organization comply with our information security policies and standards, and for keeping senior stakeholders (a/o country CFOs) engaged.
You’ll be working across business and technology, defining and aligning security controls, risks and mitigations, closely working with the other information security team, vendors, Internal Audit, and our supplier organizations.
Together with the security and technology teams, you will pursue optimal compliance and risk avoidance in your region, balancing minimal risk against optimal business value.
The Regional Information Security Officer reports to the ERIKS Chief Information Security Officer.
Your main responsibilities:
- Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies.
- In interaction with the business and IT, identify, assess and minimize the operational risk for security and compliance.
- Implement and maintain a practical and usable information security management system and security strategy aligned with minimum SHV and ERIKS Corporate standards and guidelines.
- Ensure that criteria and controls are implemented into the operation.
- Drive change and innovation in line with the security principles and guidelines.
- Advise and support on information security policy and framework.
- Ensure that the technical environment is operating under security, compliance and risk structure.
- Increase the maturity of security, governance, risk and compliance management within the Region.
- Create education and awareness programs aligned with minimum SHV and ERIKS Corporate standards and guidelines, and advise operating units at all levels on security issues, vulnerabilities and best practices.
- Coordinate all information technology and security, governance, risk and compliance related audits (internal and for external suppliers). Provide guidance, evaluation and advocacy on audit responses. Provide prospective customer information security questionnaire responses for the businesses.
- Examine impacts of new technologies on the overall information security. Establish processes to review implementation of new technologies to ensure security compliance.
- Set up, maintain and monitor the compliance of regulatory, SISP and ERIKS Business (Risk) Support Framework (EBSF).
- Bachelor's / Master's degree (or equivalent) and a number of years of relevant experience within the IT security domain.
- Wide coverage of information technology knowledge.
- Proven knowledge and experience with information security (e.g. CISSP, CISM, CISA, ISO-27001, ISO-30000, or equivalent certification).
- Ability to fulfil an expert role and be the source of security information for the organization.
- Creative approach to problem-solving with the ability to focus on details, whilst maintaining the “big picture” view.
- Excellent communication skills in English. An additional language like Dutch, German, or French is a plus.
- Flexible and adaptable to changing priorities.
- Excellent remuneration package, including a company car or mobility budget;
- 37 days of paid leave (when based in the Netherlands)
- This position can be based in the Netherlands, Belgium, Germany, France, Switzerland or the UK.
- Business tools (laptop and mobile phone);
- Excellent career perspective within ERIKS and other SHV Group Companies (Mammoet, Nutreco, Kiwa, Makro, One-Dyas, NPM Capital and SHV Energy)
At this stage we have a preference for candidates who don't require visa sponsorship, unless you're already employed by one of the SHV group companies.