Lead Information Security Officer (1 FTE, Arnhem / Bayreuth)

Aantal keer bekeken: 332 Aantal reacties: 5
  • Functiegroep: IT
  • Regio / Standplaats: Midden-Nederland/Arnhem
  • Dienstverband: Vast
  • Werkweek: 40 uur

Wat doe je als Lead Information Security Officer (IT Adviseur) bij TenneT?

As Lead Information Security Officer (LISO) you are responsible for the further implementation, expansion  and continuity of the IT Security Management System (ISMS) at IMC. The ISMS will be based and audited on the ISO27001 norm and therefore risk based and continuously improving.  As LISO you are the linking pin with the department Corporate Safety & Security (SSC) where policy om IT Security is developed. You advice the senior manager IMC and the MT IMC about the translation of this policy into strategy regarding IT security. You will report in the MT IMC about the status of security improvements, risk status and the status of the ISMS. Your cooperation with the IT Security Officers (ITSO's) and other relevant security functions within IMC is key to the success and effectiveness of your tasks.

As representative of IMC, you cooperate with other LISO's at TenneT in the TenneT wide ISMS Operation team, where companywide security risks are identified and mitigation plans are planned and monitored.

Main responsibilities:

  • You are the representative of IMC as a member of the ISMS operational team (under supervision of the TenneT wide ISMS Manager) and manage internal and external stakeholders on department and on corporate level. You translate external and internal developments with security impact on TenneT and IMC;
  • You are responsible for security management as an effective process, focussing on realizing the goals and ambitions as stated above, being and staying compliant to ISO27001. You provide and manage the information security project portfolio;
  • Ensuring the risk management cycle with regard to security management, by execution of risk assessments, risk analysis and taking mitigating actions, you report on key risks. You monitor the quality of the follow-up plans;
  • You also monitor  to which extent the organisation complies with information security policy, legislation and regulations on the basis of assessments, tests, reviews and audits, inform  and advise MT IMC and draft constructive follow-up on portfolio level.

As the Lead ISO, you report directly to the Senior Manager IMC and are a subject matter expert in the MT IMC.

Wat verwachten we van jou?

  • Academic working level and a relevant university degree (e.g. Computer Science, Business Administration) or equivalent level of knowledge and skills;
  • Knowledge of information and security and risk control frameworks of ISO 27001, ISO27002, COBIT, ITIL, Prince 2 and Agile/Scrum. Certified in the field of security (or other related fields), like: CISSP or CISM. Additional knowledge of audit management like CISA, RE is preferred.
  • Extensive (10 years +)  experience in the field of IT security management with at least two years of in a relevant position;
  • Strong affinity and experience in a coordinating role with management systems, preferably certified for one or more of the HLS ISO standards (f.e. ISO 27001, ISO 14001, ISO 9001);
  • Strong affinity with security management, information technology, risk management and audit;
  • Respected advisor, have strong facilitation, communication and persuasion skills, have strong organisational sensitivity and a clear ability to build strong relationships with business stakeholders at all levels, can bring people together;
  • Strategic as well as hands-on mentality; takes responsibility, is accountable and results driven, have proven problem-solving skills and the ability to identify, analyse, and resolve problems, driving solutions through to completion;
  • You have high integrity standards and well capable to set priorities;
  • Excellent language skills, both in English and preferably in German and/or Dutch;
  • Willing to travel between Germany (Bayreuth) and The Netherlands (Arnhem).

Wat kun je verwachten?

TenneT offers a high profile and responsible function within an interesting and dynamic international working environment. TenneT offers an excellent salary with good secondary benefits. Last but not least we also offer good training and development possibilities.

An assessment can be part of the procedure.

At entry, TenneT performs an AIVD screening.

Duty station for this function is Arnhem and Bayreuth. You will work at least 2 working days per 3 weeks in the other country.

Waar kom je te werken?

Tennet is Europe's first cross-border grid operator for electricity. With approximately 22,000 kilometres of (extra) high-voltage lines and 41 million end-users in the Netherlands and Germany, we rank among the top five grid operators in Europe. Our focus is to develop a North-West European energy market, to integrate renewable energy, and to optimize our safety performance. Safety & Security are core values of TenneT. We set high standards, for our employees as well as our contractors. Taking power further.


TenneT IT operates under the name Corporate Information Management (IMC). This name describes the added value from a business point of view; support the business for the information flows in our business processes. The mission statement of IMC is: 'We support the optimal continuity of business processes at TenneT and act from a business perspective'. How? 'We apply our knowledge and expertise to ensure the success of our colleagues', 'We aim for the highest quality and efficiency' and 'We are 100% accountable'. IMC is a corporate department and consists of 4 departments: Information Management Office in the plan domain of IT and Strategic IT Services, Generic IT Services and Basic IT Services in the build and run domain.

IT Security is vital for TenneT. IMC is developing IT Security to a high professional level.

Contact over deze vacature

Wil je meer informatie?

Neem contact op met:
Martien Hermens,
Recruiter
+31 6 50060539