30+ days ago - req18393

Information Security Policy Specialist

Other corporate functions

Other job categories

In a nutshell


Veldhoven, Netherlands


Other corporate functions


3-7 years



Job Category

Other job categories




This role will be responsible for strengthening our information security capabilities with a strong focus on information security policy management.
The role will be part of the Information Security Competence Centrewhich is responsible for execution of the Knowledge Protection Policy including Information governance and the implementation of IRM within the Sectors as well as DLP and CASB.In addition, this role will also perform assessments to ensure compliance to security policies and standards.

Job Mission

Supporting the Security Policy Management team in ensuring that the security policies and standards incorporate Security requirements needed within the organization. Ensure the information security requirements are reviewed and updated into thepolicies and standards and reflect industry best practices.

Job Description

Generic activities:

  • Ensure the creation and regular maintenance of information security policies and standards.
  • Review requirements and ensure new requirements are incorporated with the information security policies and standards.
  • Contribute to the development and implementation of quality policies & standards in the Security Means & Methods.
  • Enable the development of Operating procedures, baselines and guidelines.


Bachelor/master degree or equivalent combination of education and experience.


  • Minimum of 5 years of relevant experience in information security risk management
  • Experience in performing Information Security assessments
  • Proven experience with the ISO27001/ISO31000 risk management framework
  • A strong background in IT or proven relevant experience in the IT security domain
  • Information security risk management qualifications like CRISC, CISSP, CISA or CISM
  • Knowledgeable on global Privacy regulations.

Personal skills

  • Strong analytical skills.
  • Ability to translate threat, vulnerabilities and risks to business stakeholder level and to drive risk mitigation, dealing with resistance and risk appetite.
  • Pro-active and self-motivated with the proven ability to drive results.
  • Strong stakeholder management skills and capable of doing so at various organizational levels
  • Fluent English (written and verbal).
  • Team player with leadership skills.
  • Strong in communication, influencing and negotiating skills.
  • Builder of stakeholder networks
  • Able to give direction and good at planning & prioritizing.
  • Creative when handling problems independently, commitment and flexibility.

Context of the position

The position is within the Information Security Competence Center (in the Risk & Business Assurance Sector). You will formally report to the Manager Information Security Competence Center andsupport the Team Lead Information Security Policy Management team.