Job Description
Information Security Officer – Common Ground
Location: Utrecht, Netherlands (Hybrid)
Hours per Week: 24 Hours
Start Date: 1 June 2026
Contract Duration: Until 31 January 2027
Education Required: University Degree (WO)
Language Requirement: Dutch (Minimum C1 Level)
We are seeking an experienced Information Security Officer (ISO) to support a Common Ground transformation program focused on secure, future-proof, and modular digital services within a government environment.
The role focuses on strengthening BIO2 compliance, security governance, and information security practices for a cloud-native Service Delivery Platform operating on Kubernetes-based infrastructure.
You will work closely with product leadership and multidisciplinary teams to develop security frameworks, governance models, and compliance-related deliverables.
Key Responsibilities
Develop and maintain security governance frameworks for Common Ground initiatives
Translate BIO2 measures into technical and organizational security controls
Create and maintain detailed security documentation and manuals
Advise on security aspects of existing and new projects
Provide recommendations regarding logging, monitoring, and audit trails
Define and advise on non-functional security requirements for suppliers and service providers
Support implementation and expansion of security functions within teams and departments
Ensure alignment with government security and privacy standards
Collaborate with stakeholders across technical and governance domains
Deliverables
Security Manual
Comprehensive security manual aligned with BIO2 requirements
Translation of BIO2 controls into the Common Ground and Service Delivery Platform context
Policy & Advisory Products
Security governance recommendations
Advice on project security compliance
Guidance on logging, monitoring, and auditing
Supplier security requirement frameworks
Required Skills & Experience
Minimum 8 years of experience as an Information Security Officer
At least 3 years of experience within a Dutch municipality or similar government environment
Minimum 3 years of experience implementing BIO/BIO2 frameworks
Strong experience advising on information security and governance matters
Knowledge and experience with:
DigiD framework
ENSIA
GDPR compliance
DPIAs and data processing agreements
Experience setting up or expanding security functions within organizations
Strong understanding of cloud-native and Kubernetes-based environments
Excellent written and verbal communication skills in Dutch (C1 minimum)
Candidate Profile
Self-managing and proactive
Structured and organized in approach
Strong stakeholder management skills
Delivery and results focused
Comfortable operating in complex governance environments
Work Environment
Hybrid work model
Minimum 1 day per week onsite in Utrecht
Additional onsite presence may be required depending on project needs
Additional Information
CVs must be submitted in PDF format and in Dutch
Strong focus on collaboration, governance, compliance, and security delivery
Inclusive and diverse working environment encouraged
