Information Security Officer

  • General & Administration
  • Remote job

Information Security Officer

Job description

We are searching for an Information Security Office, responsible for information security and privacy management at Sentiance. Sentiance is a cloud-native scale-up working with international clients and sensitive data. As a result, privacy and security have been a priority for Sentiance for many years. The information security officer will be an essential part of maintaining a high standard with the people from our Privacy and Security (PrivSec) team. You report directly to the COO, part of senior management at Sentiance.

Location: Belgium or Europe

What would be your key responsibilities?

As an Information Security Officer, success for Sentiance means running things without breaches, maintaining privacy security and being aware of legal requirements of Data, Privacy and Security. By joining us you will focus on the following responsibilities:

  • Run monthly meetings and recurring activities of the PrivSec team (Sentiance’s information security and privacy committee)

  • Maintain ISO 27001/27701 certification and implement/contribute to new certification programs

  • Review and recommend information security & privacy policies & procedures and accompanying documentation

  • Support and advise on the implementation of technical and organizational measures, with a particular focus on the protection of personal data (privacy)

  • Monitor changes in relevant risks and threats against the organization.

  • Review, handle and monitor reported security & privacy incidents. Provide adequate reporting to upper management and thorough investigation of actual or suspected information security breaches

  • Ensure compliance with current laws, regulations, and requirements contractually agreed with clients.

  • Motivate employees and partners to maintain the responsibility for, ownership of, and knowledge about information security to minimize the risk of security incidents.

  • Collaborate with the technology team to ensure the availability and reliability of the infrastructure, the platforms, and the services supplied and operated by Sentiance, even if significant security incidents occur.

  • Vendor management: ensure that external service providers comply with Sentiance's information security needs and requirements.

  • The PrivSec team prepares and provides training sessions on privacy and information security.


Requirements

What are the essential qualities to be successful in this role?

  • Academic degree, preferably in computer science or related discipline

  • Minimum 3 years of experience in an information security role related to Governance Risk and Compliance (GRC)

  • Has been involved in implementing ISO 27001/27701 or other standards

  • Knowledge of information security standards and frameworks (ISO 27xxx, SOC-2)

  • Knowledge of personal data protection principles and related legislation (GDPR)

  • Good understanding of web technologies, mobile platforms, and cloud infrastructure (AWS)

  • Familiar with software development lifecycle and DevOps principles

  • Ability to provide training and awareness sessions about security measures

  • Able to report on KPI and progress using the right level of detail

  • Excellent problem-solving and analytical skills.

  • Effective verbal and written communication skills.

Nice to Have:
  • Professional information security certifications are a plus but not required.

What do we offer you?

  • The opportunity to develop skills you may never have thought you had in you
  • A unique opportunity to grow your creative and innovative mind
  • Ownership and growth in leadership
  • An inspiring hybrid work environment
  • Great team, you will be surrounded by experienced and highly skilled people
  • You can expect an agile and flat structure, flexibility, and openness for the curious
  • Access to top learning platforms
  • We teach how to take opportunities and turn them into real-life solution
  • A competitive salary