Secure access to information assets is critical to achieve business objectives. The Senior Information Security Advisor is responsible for establishing and maintaining the information security program to ensure that information assets and associated technology, applications, systems, infrastructure and processes are adequately protected in the IT environment in which we operate.
Bunzl Continental Europe is one of Europe's fastest growing specialist distribution groups. We are unique in being able to provide a one-stop shop for large corporate customers in a number of market sectors. We are part of Bunzl plc, a global group operating across 29 countries, with a turnover in excess of 9 billion pounds.
Bunzl recently started a program to reach a higher level of IT security accross all Bunzl subsidiaries globally. For the European region, we are looking for the Senior Information Security Advisor based in our European headquarter in Amsterdam, reporting to the IT Manager Infrastructure.
Secure access to information assets is critical to achieve business objectives. The Senior Information Security Advisor is responsible for establishing and maintaining the information security program to ensure that information assets and associated technology, applications, systems, infrastructure and processes are adequately protected in the IT environment in which we operate. The candidate is responsible for identifying, evaluating and reporting on legal and regulatory, IT, and cybersecurity risk to information assets, while supporting and advancing business objectives.
The Senior Information Security Advisor requires leadership skills with sound knowledge of business management and a working knowledge of cybersecurity technologies covering the broad digital ecosystem. The Senior Information Security Advisor will proactively work with business units and partners to implement practices that meet agreed-on Bunzl global IT security standard. He or she should understand IT and must oversee a variety of cybersecurity and risk management activities related to IT to ensure the achievement of business outcomes where the business process is dependent on technology. He or she will be responsible for implementing and running the enterprise information security program.
The Senior Information Security Advisor should understand and articulate the impact of cybersecurity on (digital) business, and be able to communicate this to the board of directors and other senior stakeholders. A key element of his or her role is working with executive management to determine acceptable levels of risk for the organization.
The ideal candidate is a thought leader, a builder of consensus and of bridges between business and technology. He or she is an integrator of people, process and technology. While he or she is the leader of the information security program, he or she must also be able to coordinate disparate drivers, constraints and personalities, while maintaining objectivity and a strong understanding that cybersecurity is fundemantal for the Bunzl organization to deliver on its business goals and objectives.
- Assess the level of IT security of operational companies, benchmarking current maturity against the global IT security policy and standard
- Define and implement IT governance processes such as security management, change management and user access management
- Lead and implement transformation plans to control topics such as management of security breaches, threats and vulnerabilities
- Create and manage a targeted information security awareness training program for all employees, contractors and approved system users, and establish metrics to measure the effectiveness of this security training program for the different audiences.
- Provide regular reporting on the current status of the information security program to risk teams, senior business leaders and the board of directors as part of a strategic risk management program, thus supporting business outcomes.
- Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management.
- Provide clear risk mitigating directives for projects with components in IT, including the mandatory application of controls.
- HBO or college degree in a Computer Science or equivalent program.
- Excellent written and verbal communication skills in English.
- Working knowledge and certified in information security, auditing and regulatory compliance.
- Up-to-date knowledge of methodologies and trends in both business and IT.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT and Cybersecurity Framework.
- Extensive experience on a senior level in IT in general, including at least 3 years in a similar role as a Senior Cyber Security Consultant.
- Affinity with IT processes and systems.
- Analytic, problem solving skills, proactive and result-oriented attitude.
- Strong interpersonal skills and a professional attitude, including the ability to develop relationships with clients as well as peers from diverse backgrounds.
- Excellent analytic skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
- Ability to act calmly and competently in high-pressure, high-stress situations.
- Ability to find the right balance between security needs and business needs.
- Willingness to travel, having the opportunity to work across various geographical locations in Europe.
Great opportunity to work in an international, fast paced environment in a challenging. responsible and crucial position. Good salary and secondary benefits.
€ 70.000,00 - € 75.000,00 /jaar
10% bonus + company car
10% bonus + company car