Information Security Officer – Common Ground
Location: Utrecht, Netherlands (Hybrid)
Hours per Week: 24 Hours
Start Date: 1 June 2026
Contract Duration: Until 31 January 2027
Education Required: University Degree (WO)
Language Requirement: Dutch (Minimum C1 Level)
Job Overview
We are seeking an experienced Information Security Officer (ISO) to support a Common Ground transformation program focused on secure, future-proof, and modular digital services within a government environment.
The role focuses on strengthening BIO2 compliance, security governance, and information security practices for a cloud-native Service Delivery Platform operating on Kubernetes-based infrastructure.
You will work closely with product leadership and multidisciplinary teams to develop security frameworks, governance models, and compliance-related deliverables.
Key Responsibilities
-
Develop and maintain security governance frameworks for Common Ground initiatives
-
Translate BIO2 measures into technical and organizational security controls
-
Create and maintain detailed security documentation and manuals
-
Advise on security aspects of existing and new projects
-
Provide recommendations regarding logging, monitoring, and audit trails
-
Define and advise on non-functional security requirements for suppliers and service providers
-
Support implementation and expansion of security functions within teams and departments
-
Ensure alignment with government security and privacy standards
-
Collaborate with stakeholders across technical and governance domains
Deliverables
Security Manual
-
Comprehensive security manual aligned with BIO2 requirements
-
Translation of BIO2 controls into the Common Ground and Service Delivery Platform context
Policy & Advisory Products
-
Security governance recommendations
-
Advice on project security compliance
-
Guidance on logging, monitoring, and auditing
-
Supplier security requirement frameworks
Required Skills & Experience
-
Minimum 8 years of experience as an Information Security Officer
-
At least 3 years of experience within a Dutch municipality or similar government environment
-
Minimum 3 years of experience implementing BIO/BIO2 frameworks
-
Strong experience advising on information security and governance matters
-
Knowledge and experience with:
-
DigiD framework
-
ENSIA
-
GDPR compliance
-
DPIAs and data processing agreements
-
Experience setting up or expanding security functions within organizations
-
Strong understanding of cloud-native and Kubernetes-based environments
-
Excellent written and verbal communication skills in Dutch (C1 minimum)
Candidate Profile
-
Self-managing and proactive
-
Structured and organized in approach
-
Strong stakeholder management skills
-
Delivery and results focused
-
Comfortable operating in complex governance environments
Work Environment
-
Hybrid work model
-
Minimum 1 day per week onsite in Utrecht
-
Additional onsite presence may be required depending on project needs
Additional Information
-
CVs must be submitted in PDF format and in Dutch
-
Strong focus on collaboration, governance, compliance, and security delivery
-
Inclusive and diverse working environment encouraged
