Our team in Amsterdam currently has an opening for a Associate Director Information Security

YOUR ROLE & RESPONSIBILITIES

• Provide leadership to the InfoSec GRC team.
• Design and implement information security policies and procedures in accordance with ISO27001, NIST, BSI frameworks, etc. and regulatory requirements
• Design, implement and operate a robust Information Security risk management process
• Develop and implement an information security risk management strategy and processes
• Develop and maintain an information security asset inventory and the associated risks ranking
• Track the effectiveness of cyber risk controls measures through regular audits and maturity metrics
• Evolve a strategy for 3rd party cybersecurity assessment
• Enforce information security governance in all relevant business operations
• Coordinate the information security governance and compliance committee
• Develop a strategy for IoT/OT and supply-chain security management
• Own and evolve the cloud security control framework that translates the cloud Security directive into a layering of controls related to our CIA Classifications.
• Understands and enforce the cloud security governance framework
• You ensure the cloud platform adheres to and is embedded in the enterprise security architecture.
• Manage technology and business stakeholders in insuring InfoSec policies and procedures compliance

YOUR PROFILE

• Master’s or bachelor’s degree in computer science/information systems or equivalent experience in Information Systems preferred
• 8+ Years developing, implementing, and governing security operations and technology in large, complex enterprises in multiple industry verticals, across a wide range of technology platforms
• 3+ Years developing and implementing security
• 3+ Years on any Cloud Platform (AWS, Azure, Google, others)
• 3+ years in OT/IoT governance and risk management framework
• Deep hands-on experience in providing governance in the design, development, and deployment of business software at scale in SaaS, PaaS, and IaaS environment
• Experience with service-oriented architectures, private and public clouds, and web services security
• Strong skills in security principles such as least privilege access, defense in depth, preventative vs. detective controls,
• Infrastructure and Network Security, Data protection, and Incident response
• Professional experience and good technical knowledge of application security, system security, network security, authentication/authorization protocols, and cryptography.
• Hands-on experience in industry standards such as PCI DSS, ISO 27xxx, SOC, HIPAA, GDPR, and NIST/DoD frameworks and benchmarks
• Good understanding of Enterprise Networks, Security, and Identity Access Management.
• Experience with agile approaches and Experience in DevOps or DevSecOps and how they impact risk management and compliance.
• Hands-on technical expertise in technology automation, implementation, integration, and/or deployment using scripting and/or IaaC.
• AWS/Google Solutions Architect Certified.
• CISSP, CCSP, CISM, and/or other comparable certifications
  Information security certificates such as: CEH, CISSP, CCSP (Certified Cloud Security Professional)

OUR OFFER

• Unique greenfield environment to drive change in a global business
• Open space in a vibrant start-up corporate incubator
• Lots of possibilities for professional development
• International team
• Friendly and supportive colleagues
• Competitive compensation package
• Team lunches, monthly drinks, and other perks

INTERESTED?

We look forward receiving your application.

Brenntag provides equal employment opportunities to qualified applicants and employees of all backgrounds and identities to create a workplace where difference is valued because it forms a resilient and more innovative organization. We do not discriminate on the basis of age, disability, gender identity, sexual orientation, ethnicity, race, religion or belief, parental and family status, or any other protected characteristic. We welcome applications from women, men and non-binary candidates of all ethnicities and socio-economic backgrounds.