We are seeking an experienced Security and Compliance Officer dedicated to ensuring our data privacy policies, operations, and systems align with relevant laws and cybersecurity standards. This individual contributor role involves managing security and compliance across the entire organization, working closely with our Security Specialist and IT department. Key responsibilities include refining our security and compliance protocols, conducting thorough risk assessments and audits, and mitigating potential security breaches. The ideal candidate will lead the development and maintenance of our security architecture, conduct regular security audits, and ensure compliance with ISO 27001 and SOC2 standards.

Key responsibilities:

1. Review and update our current information security and privacy policies;
2. Develop and lead the information security program;
3. Create and oversee the implementation of new security and compliance policies and procedures;
4. Manage our risk management program and ensure SOC2 and ISO27001 compliance and certification;
5. Conduct assessments and audits to measure the efficiency of our compliance and security systems;
6. Advise senior leadership on strategies for optimizing the security of data systems, information assets, and general business processes;
7. Evaluate and document disaster recovery programs to ensure better response in case of security incidents and breaches.

Why we would like to have a dialogue with you

We pick competencies over experience. Can you convince us that you possess the following competencies:

1. Communication: The ability to communicate clearly and effectively with individuals across the organization, and to be responsive to their needs and concerns;
2. Taking ownership: The ability to take full responsibility and accountability for tasks, projects, or actions, demonstrating a sense of commitment and dedication towards achieving desired outcomes;
3. Perseverance: The ability to persist in the face of challenges or obstacles, and to continue working towards a goal despite setbacks or difficulties;
4. Teamwork: The ability to work effectively with others and to collaborate across departments and functions, recognizing that everyone in the company is working towards a common goal;
5. Continuous learning & knowledge sharing: This competency refers to the ability and willingness to learn continuously throughout one's life, and to continuously seek out new knowledge and skills to stay up-to-date and relevant;
6. Planning and organization: the ability to plan and organize work effectively to ensure that commitments are met and that resources are allocated appropriately;
7. Action-oriented: The ability to act quickly and decisively, even in the face of uncertainty, to move projects forward and achieve business goals.

Competencies are key, but to be successful in this role you need to bring a few essentials to kickstart the conversation:

• Bachelor’s degree or related experience
• At least 4 years of experience related to conducting risk-based assessments for information systems and/or operations
• Experience in running a comprehensive governance, risk and compliance program (ISO27001 or SOC 2)
• Knowledge of applicable privacy laws (CCPA/CPRA and GDPR)
• Thorough understanding of vulnerability management, penetration testing, and attack simulations
• Experience with supporting enterprise-wide Security Compliance programs designed to anticipate, assess, and minimize control gaps and audit findings
• CISO certification would be considered a plus

What do we offer?

• Pension plan;
• Working from home allowance;
• €825.- to spend on a desk and chair to ensure you can work from home comfortably;
• Flexibility to work from "Anywhere";
• Option to pay out the holiday allowance monthly instead of annually;
• 28 holiday days, with the option to buy more;
• And more!

Some last notes

In The Netherlands, we work hybrid and we invite you to come to the office at least twice a week.

AnywhereNow is committed to creating a diverse environment and is proud to be an equal-opportunity employer. We accept difference and we thrive on it for the benefit of our employees, our products, and our community.

Please note that we have a background check policy. The background check differs per country and position. If you would like to know more, the recruiters are happy to answer any questions!