(Senior) Information Security Officer
Our client is a leading organisation dedicated to maintaining the highest standards of information security and regulatory compliance within a regulated environment. They foster a collaborative and professional culture, emphasizing continuous development, responsible work practices, and innovation. This role involves the development, maintenance, and ongoing enhancement of the organisation’s information security management system aligned with BAIT, ZAG, MaRisk, DORA, and ISO 27001 standards. The position is vital for ensuring the company’s compliance with legal and regulatory requirements while safeguarding critical assets.
Role Overview:
The (Senior) Information Security Officer will be responsible for ensuring the effectiveness and compliance of the organisation’s information security framework. Working closely with various departments, they will oversee risk assessments, coordinate resilience testing, and implement improvement measures, reporting directly to senior management to support secure and compliant business operations.
Key Skills & Experience:
• Relevant degree in Informatics, Business Informatics, Business Law, or a comparable qualification
• Extensive experience in information security management within a regulated setting
• Strong knowledge of regulatory standards including BAIT, ZAG, MaRisk, DORA, DSGVO, and ISO 27001
• Proven ability to develop and improve ISMS and ICT risk management frameworks
• Analytical thinking with a structured approach to complex issues
• Excellent communication skills, confident in liaising with executive management, departments, and auditors
• Demonstrated initiative, responsibility, and a commitment to embedding information security practices
Key Responsibilities:
• Build, maintain, and develop the organisation’s information security management system in accordance with relevant standards and regulations
• Draft, update, and monitor security policies, guidelines, and concepts to ensure a reliable security foundation
• Translate regulatory requirements into practical security measures and manage risk analyses and threat assessments
• Coordinate resilience tests, vulnerability scans, and security incident handling
• Identify and implement improvement actions based on security reviews and testing results
• Maintain close collaboration with IT, Data Protection, Compliance, Risk Management, and Internal Audit teams
• Report on security status and compliance directly to executive leadership to support informed decision-making
Requirements:
• Right to work in Europe and availability to work on-site
• Proven experience with information security management in a regulated environment
• Practical knowledge of DORA and ISO 27001 frameworks
• Strong analytical, organizational, and communication skills
• Experience with risk assessment, resilience testing, and vulnerability management
Finish your application now to contribute to a dynamic team committed to safeguarding organisational integrity and compliance.
