Security Officer – Unit: BTO | Security, Risk and Compliance Department


Request number: 11712
Contract type: Secondment
Organisation: TenneT
Location: Arnhem / Hybrid
Hours per week: 32 - 40 per week
Rate: 125 per hour
Duration of the assignment: 6 months
Region: Gelderland
Start date: 02-06-2025
Option to extend: No
Closing date: 02-06-2025 11:00

PLEASE NOTE! This assignment is closed



For TenneT, we are looking for an experienced: Security Officer (ISO 27001)

Department: BTO-SRC
The SRC department contributes efficiently and effectively to TenneT's purpose: To connect everybody with a brighter energy future. It does this by providing a suitable working environment within reliable, high-quality, secure and safe data and control centers, offices (campus/hubs) and other business locations.

Your contribution to TenneT
• You work as an Information Security Officer with a focus on Governance, Risk and Compliance for the Business Technology Organisation (BTO), ensuring the confidentiality, integrity, and availability of company data and systems.
• You work in the second line of defense as a trusted advisor to the IT teams on cybersecurity.
• You orchestrate cybersecurity within the unit and support the corporate ISMS using industry best practices in order to protect the integrity, confidentiality, and availability of the information and IT systems.
• You help to coordinate closely with Operational Security Managers supporting this role for other departments within the unit.
• You develop, implement, and enforce security policies, processes, procedures, and standards.
• You continuously review and update security practices to align with industry standards, regulations, and best practices.
• You advise on formulating and implementing security measures.
• You facilitate risk assessments to identify potential security threats to the organization and support in determining risk management strategies to mitigate security risks, in alignment with the Risk & Compliance Officer.
• You coordinate with IT teams to ensure security controls are implemented effectively across all systems.
• You develop and conduct training and awareness programs for staff on cybersecurity best practices.
• You develop and deliver training programs to ensure all BTO staff members understand their roles in continuity plans.
• You prepare regular reports on BCM activities, risks, and other security topics to senior management.
• You coordinate/facilitate internal and external security audits to ensure continuous compliance and readiness for external certifications.
• You ensure that our suppliers are in compliance with our security requirements.

Your profile and background
You work as an Information Security Officer with a focus on Governance, Risk and Compliance for the Business Technology Organisation (BTO), ensuring the confidentiality, integrity, and availability of company data and systems. In this role you will be dedicated to supporting the German ISMS until a new internal employee is hired.
Therefore, besides the technical requirements, the person must speak German and be willing to travel to Germany when necessary.
• You work independently;
• You are able to work with different stakeholders and know how to quickly get to the heart of the matter;
• You have deep knowledge of security tools, technologies, and practices (e.g., SIEM, IDS/IPS, firewalls, endpoint protection, encryption).
• You have familiarity with cloud security, network security, and identity and access management (IAM) tools.
• You have knowledge of frameworks such as ITIL 4, Cobit 2019, ISO 31000, GDPR, ISO 27001 and NIST;
• Certifications like CISSP, CISM, CRISC and CISA are a plus;
• You have a completed graduate degree in Information Technology, Information Security, General Security, or Business Administration with demonstrable experience in IT/Information Security Risk Management or similar;
• You have strong social and communication skills. You have and maintain a relevant internal and external network, allowing you to identify trends, developments and opportunities from the market and translate them to TenneT's environment;
• You are willing to travel at home and abroad for knowledge exchange and coordination with (German) colleagues;
• In addition, you have a good command of English and German languages.

Important:
• The difference with the previously published role of Integrated Security Officer is that the other role focuses on the implementation of ISO 27001 controls, design, existence and operation. A heavier role in terms of content. For this role, TenneT is actually looking for a supporting force, even more executive, with the aim of helping the Integrated Security Officer to implement and secure the ISO in Germany;
• Keyword: giving substance to the ISO 27001. In Germany, one must comply with the German variant of the ISO27001. A candidate with such experience is also eligible.
• The candidate must be able to speak German at a native-like level.

Remainder:
• VOG must be received before a candidate can start;
• A Pre Employment Screening (PES) is carried out as standard upon commencement of employment;
• Please note: UVO (Extensive Safety Examination) applies to this application;
• Rate depends on the knowledge and skills of a candidate;
• Unfortunately, the application does not lend itself to the hiring of a self-employed person;
• The work location is Arnhem for at least 3 days a week. Other days hybrid.


Additional information:
• Suppliers of candidates must be aware of the applicable laws and regulations in the field of employment conditions and the (TenneT) collective labor agreement. This commitment falls within scale 9 of the TenneT collective labor agreement;
• We would like to receive the personal motivation and CV in English/Dutch.

Screening:
• Pre-employment screening: If the candidate is allowed to start at the client, a pre-employment screening will take place. We will then send you the necessary documents. Your candidate may only start after completing the pre-employment screening. The VOG application is part of the screening from , the VOG must be received before the candidate can start;
• The candidate has proof of identity (a passport or identity card), which is valid at intake and on the start date of the candidate's contract and can be submitted for verification.

Availability:
• It is important that the candidate is available for the entire requested period in the application;
• When offering a candidate, we assume that you agree with the terms and conditions of this specific client. If you are not familiar with these conditions, you can request them from the responsible recruiter.