We offer an opportunity you simply won’t find anywhere else. In less than five years, Mileway has grown into Europe’s leader in last mile logistics real estate, with a 550-plus team across more than twenty-six offices in eleven countries.

As part of the Mileway Information Security team, the Information Security Manager - GRC is responsible for building, maintaining and operating a mature Information Security program for the company. The Information Security Manager will play a key role in the success of the team by ensuring that information assets and technologies are adequately protected. This position will be responsible for collaborating with key stakeholders across various business lines such as IT, HR, Finance, Legal - GDPR, and Senior Management to ensure risks are managed effectively and efficiently in accordance with company policies and applicable regulatory requirements.

This is a very important and visible role within Mileway and provides you with exposure to all aspects of the business.

In this role you will report directly to the CISO and work in close collaboration with the rest of the security and IT team as well as external suppliers. With your strong background in GRC, you will be the anchor point for risk management and compliance within Mileway. You will work together with the relevant stakeholders and suppliers to enable compliance and risk management methodologies. You will develop and maintain security policies and procedures for the organization and provide consultancy on tactical implementation. The role includes management of activities for risk monitoring, reporting, KPI’s, risk assessment, security policy lifecycle, training & awareness, security aspects of data privacy, and third-party risk management.

While this is not a people management position, it is a high-impact role with ownership over key processes and projects, giving you the opportunity to lead cross-functional initiatives and shape the company’s security posture.

Working at Mileway

We offer an opportunity you simply won’t find anywhere else. Launched in 2019, Mileway has rapidly grown into Europe’s leader in last-mile logistics real estate, with a team of over 550 across more than twenty offices in 11 countries. From the start, Mileway set out to be a different kind of real estate company, with a cloud-based IT infrastructure and a team that combines local expertise with the pooled strengths of a pan-European presence.

Our culture is fast-paced and highly international, with team members from more than 50 countries, bringing diverse perspectives and a “can-do” attitude to everything we do. While we have already achieved a lot, we’re only just getting started – our purpose is to be Europe’s leading provider of last mile logistics real estate, enabling businesses to thrive, driving sustainability forward, and shaping the cities of tomorrow. To get there, we live by our values: Drive, Trust, Grow, Together.

At Mileway, we believe company growth comes from supporting the growth of our combined capabilities. That’s why we offer an in-house learning & development program where personal, professional, and business development go hand in hand, helping you carve out your own unique career path. You’ll be based at our Amsterdam office. While we embrace a flexible approach to work, our policy requires working from the office three days a week. To support this, we provide a state-of-the-art technology package to keep you connected at all times.

What You Will Do

The Information Security Manager - GRC is responsible for the design, implementation and operation of all aspects related to Governance, Risk & Compliance within the Mileway organization. This includes:

• Develop and mature Information Security Risk Management processes across the organization through a formalized risk management framework and a structured process
• Maintain Mileway’s Information Security Policy Portfolio
• Manage the Information Security Training and Awareness program
• Manage Mileway’s third-party risk management program (vendor due diligence, security clauses, vendor inventory, risk assessments)
• Ensure Information Security requirements are maintained within the procurement process and contract lifecycle.
• Manage Mileway’s security compliance program (manage assessments and audits, gather evidence, run interviews, report on outcomes)
• Define and implement a risk-based and/or compliance-driven information security roadmap
• Development of relevant GRC KPI’s and reporting procedures.
• Develop and support strategic plans and projects to meet GRC goals and objectives.
  
  

Business Focus

• Act as the single point of contact for the business for all security-related aspects.
• Build and maintain strategic relationships within the business to ensure strategic security initiatives are met.
• Support the business in identifying and mitigating third-party risks through a structured and formalized third-party risk management process.
• Ensure security risk management practices are embedded into key business processes.
• Coordinates enterprise security policies and communication. Gather business participants input, implement changes to policies, and advise the business on policy changes.
• Ensure communication on information security related topics is adequately disseminated across the business.
  
  

Key Functional Competencies

• Analytical mindset
• Ability to work in a structured and organized manner
• Ability to independently manage a project
• Excellent communication skills both verbally and in writing
• Pragmatic, can-do mentality, result driven
• Intrinsic motivation & self-starter
• Strong learning attitude
• Collaborative, open mindset
• Dealing with ambiguity
• Embrace diversity in a multi-cultural organization
• Strategic mindset
  
  

What You Will Bring

• +5 years’ experience in the information security industry and/or demonstrable experience as a Governance, Risk and Compliance Manager.
• Successful track record of effective project coordination, prioritization, collaboration, organization and timely project delivery.
• Knowledge of relevant Information Security management frameworks (such as NIST, ISO 27001)
• Security certifications such as CISSP, CISM will be highly considered
• Ability to adapt to a fast paced, multi-stakeholder environment
• Able to manage a large and complex workload, prioritizing as needed.
• Experience with adjacent security topics such as identity and access management, operational resilience, and vulnerability management is highly appreciated
• You will need to be organized, efficient and able to work unsupervised under your own initiative.
• Experience with working in an international environment.
• Strong communication skills, both written and verbal.
• Fluent in English
  
  

Our vision is to be the number one gateway to urban communities. To get there, we live our values: Drive, Trust, Grow, Together.