Your tasks and responsibilities
As an Information Security Officer you will play a central role in driving the tactical processes that ensure that security is properly built into all of the services that ITF provides.
Some of the topics that you work on:
• Interpreting and where needed documenting security policy at departmental level;
• Translating policy into actionable information protection requirements;
• Managing security assurance over internal and external service providers;
• Managing security awareness and training;
• Managing security related communication and documentation.
There are currently two Information Security Officers who work closely together and act as each other's backup. Each takes the lead in driving certain topics, but both participate in supporting execution. For the topics for which you play the leading role, you will be responsible for defining and continuously improving the way in which the activity is carried out. You will define both operational and improvement objectives and plans. You will actively track progress and report over this, triggering correction as and where needed.
You will have a lot of contact with security subject matter experts, project managers, process managers, service managers, and the management to which they report. While primary responsibility for coordination with other parts of TenneT lies with the Lead Information Security Officer, you will also coordinate directly with your counterparts in other parts of the TenneT organization in relation to the subjects that you lead. Stakeholder management is therefore a very important part of your role, and must be something you enjoy.
As the Information Security Officer, you report functional to the Lead Information Security Officer and in the line to the Head of the Information Management Office department.
This is an international position. You must be willing to travel to different TenneT locations in Germany and the Netherlands, and be proficient in working remotely in virtual teams.
The ideal candidate will have:
• At least 3 years of relevant professional experience as Information Security Officer;
• A sound understanding of information security management and information security risk management and related standards and frameworks, established through professional training and evidenced via relevant certifications (e.g. CISM, CISSP).
• A good working knowledge of service management processes according to ITIL and the ways that these are implemented in complex, multi-party IT service delivery chains;
• Sound functional management and consulting skills, including strong organizational sensitivity, the ability to motivate, persuade and steer based on expertise rather than direct authority, and the ability to build strong relationships with (IT and business) stakeholders at all levels and in all areas;
• The ability to structure and steer in combination with a hands-on can-do mentality;
• At least a good basic understanding of IT assurance and related mechanisms and standards;Direct experience in auditing or in interacting with auditors is preferable.
TenneT offers a high profile and responsible function within an interesting and dynamic international working environment. TenneT offers an excellent salary with good secondary benefits. Last but not least we also offer good training and development possibilities.
You will receive a salary with excellent secundary conditions as regulated by the sector-CAO TSO such as:
• Salarisindication: Scale 8, €3.287,- - €6.746,- gross per month based on 40 hours per week (depending on knowledge and experience);
• 43 vacation days;
• year end payment (6% of gross year salary);
• contribution of € 60,- gross per month for health insurance;
• flexible working hours and working at home is possible;
- An assessment can be part of the procedure.
- At entry, TenneT performs an AIVD screening.
As Information Security Officer, you will be part of a wider ITF security management team that consists of a Lead Information Security Manager, two Information Security Managers, a Security Architect, a Risk Manager, a number of Operational Security Managers, and the Service Manager responsible for shared security services (e.g. the SOC). You will work closely with the other members of this team.