Information Security Specialist

• Assist in the overall security strategy of the company
• Design, implement, and maintain policies and procedures that reduce security risks and increase compliance and awareness
• Help in assessing the risks and vulnerabilities in the IT landscape and infrastructure, determining the impact and likelihood of these risks, and mitigating them
• Be part of the incident management team and handle security incidents, crisis management, and post-mortem analysis to safeguard business continuity
• Ensure company-wide adherence to legal, regulatory, and industry standards by implementing and managing policies, procedures, programs, projects, and documentation
• Enforce security baselines, manage compliance checks, and ensure policies and procedures remain aligned with security requirements
• Be the link between leadership, sales & marketing, support, development, customers, and third-parties for all cybersecurity matters
• Assist with internal and external security questions
• Focus on policies and compliance
• Broader discussions on how security can be implemented without being a hindrance for employees and users, while still maintaining a good level of security and adherence to legal, regulatory, and industry standards
• Day-to-day security: Helping employees answer questions regarding security, policies, and procedures
• Helping support or sales with answering questions related to security from customers
• Dealing with security incidents like phishing, spam mails, and reported bugs
• Managing low level security procedures, internal audit scenarios, and automated checks
• Broader security: Managing and updating policies and procedures like the Information Security Policy, Risk Assessment, Information Security Management System, and others
• Preparing for and assisting in internal and external security audits
• Checking and maintaining compliance with ISO 27001 and SOC 2 controls
• Increasing security awareness among employees with awareness campaigns and security incident exercises
• Assisting in updating and maintaining security documentation, like security handbooks, internal audit controls, and vendor due diligence

• IT Security related work experience
• Familiarity with security standards and regulations
• Knowledge in risk assessment, treatment plans, incident response, and security audits
• Basic understanding of technical security implementations
• Experience with ISO 27001 and SOC 2 Type II
• Ability to explain security topics to both technical and non-technical audiences
• Flexibility, creativity, and focus on delivering solutions that work for every stakeholder involved

Having any security related certifications is a bonus

• Flexibility to work from home in the Netherlands and from our beautiful canal-side office in Amsterdam
• A chance to be part of and shape one of the most ambitious scale-ups in Europe
• Work in a diverse and multicultural team
• €1,500 annual training budget plus internal training
• Pension plan, travel reimbursement, and wellness perks
• 28 paid holiday days + 2 additional days to relax in 2026
• Work from anywhere for 4 weeks/year
• An inclusive and international work environment with a whole lot of fun thrown in
• Apple MacBook and tools
• €200 Home Office budget