Information Security Officer - Application Security

(Sr.) Professional Job Netherlands, Delft Corporate Functions Netherlands

**candidates need to be living in the Netherlands already** 

As an Information Security Officer, you will set the bar for our security baselines and policies. We are looking for a specialist with in-depth knowledge of application security. At Exact, your technical skills and “dare to” mentality can lead to the best innovations. And where is your career heading? That’s up to you. The career opportunities are unprecedented. 2,050 enterprising colleagues have already paved the way. Are you on board?

This = the job you are looking for 

In the continuously changing world of software development and technology, the security of information is now more important than ever. We are looking for a security officer with proven knowledge of developing secure products and services in the cloud, mobile and on premise. You will be the subject matter expert, who will drive application security through the organization. We, as Exact, have a large cloud infrastructure in which security is key. You will be working together with developers and infra engineers to advise on baselines, educate them about our policies and work on security risk assessments for new developments.  

You will help define and drive the Information Security strategy, policies, and maturity. You are recognized as the Information Security expert by internal and external stakeholders with proven strong technical capabilities. You do this in close cooperation with the different departments within Exact like Corporate IT, Cloud Operations, and Development. Your focus will be on delivering secure products and services to our customers. 

And that's not all. We can rely on you as an Information Security Officer to:  

  • Identify new security developments, requirements and risks and take the lead in ensuring these are followed up on by the business in line with Exact’s risk appetite;
  • Drive security awareness initiatives; 
  • Maintain information security policies for Application Security in line with industry best practices; 
  • Maintain the security roadmap for the Exact group on Application Security together with our Technology teams; 
  • Lead the discussions for current implementation of security by design in our products and processes and act as a business partner; 
  • Support the CISO with the annual planning, reporting and risk governance meetings. 

This = your team

You will join the five colleagues in the Security and Privacy Office in the GRC department. They are known for their knowledge, integrity, and smooth cooperation.  

The Security office is part of the second line risk department, Governance, Risk and Control (GRC). Asking for help if necessary and offering help if possible is part of their DNA. We have few predefined paths, which gives you plenty of room to choose your own. 

This = what you bring 

With us, you can be yourself, and we would love to discover what sets you apart. For the position of Information Security Officer, you need strong communication skills and a background in Software Development. What’s more, you bring:

  • Bachelor’s degree in Computer Science or related technical disciplines, preferably complemented with an additional certification within the security domain such as: CCSP, CISSP, CSSLP, OSWE or any Cloud Security Certifications or similar experience; 
  • More than 5 years of knowledge/experience within Application Security, software development and IT risk; 
  • Strong experience with topics like: 
    • Security compliance/certification 
    • Security frameworks, best practices, and standards 
    • Secure System Development Lifecycle 
    • DevSecOps 
    • Cloud Security 
    • Security Awareness Training 
    • Secure design principles 
    • Threat modelling 
    • Penetration testing 
    • Responsible Disclosure/Bug Bounty 
    • Tooling like SAST/DAST/SCA 
  • Strong in communication, stakeholder and relationship management; 
  • Experience in handling end to end delivery with full delivery ownership; 
  • Fluent in English and Dutch preferred.

This = what you get

At Exact, we value the balance between work and relaxation. You can work up a sweat in our own gym or take a break at the coffee bar. Empty your head and then tackle your daily tasks with renewed energy. Of course, that's not all. As an Information Security Officer, based on 40 hours per week, you can also count on:

  • A competitive salary package incl. a 13th month and of course 8% holiday allowance 
  • An international, innovative and hybrid working environment, with the flexibility to work from home or any of our offices 
  • Over 2000 colleagues worldwide, of whom around 550 work in technology
  • 27 vacation days 
  • 3 Giving back days, which you can spend on giving back to the (local) community
  • A modern pension scheme 
  • All the room your ambition needs; to further develop your skills, we facilitate training via our learning and development center to help you fulfill your career potential
  • Friday afternoon drinks at our bar “Bits & Bytes”

About Exact

Exact develops cloud software for small and medium-sized companies and their accountants. The products automate business processes in areas such as Finance and HR and provide specific ERP solutions for wholesale distribution, manufacturing, projects and construction. This saves time and provides insight. It enables customers to work efficiently, make informed decisions and continue growing. More than 675,000 companies primarily in the Netherlands, Belgium and Germany already rely on Exact's software.

Exact was founded in 1984 in Delft, the Netherlands, which is still the location of our head office. Every day, more than 2,000 ambitious professionals work on innovation. Driving responsible business, with respect for each other, the environment and society is central to this. For more information, visit www.exact.com
