Information Security Officer

As Information Security Officer at IFS Ultimo, you will be at the forefront of our efforts to protect our information assets and drive our security strategy forward. The Information Security Officer (ISO) within IFS Ultimo is a critical leadership position and is responsible for ensuring the security, integrity, and availability of our business organization's information assets. Your work will directly have impact on our ability to achieve our business goals and maintain our reputation as a secure and reliable organization. 

About IFS Ultimo

At IFS Ultimo, we are more than just a workplace; we offer a vibrant team environment to 300+ innovative thinkers dedicated to making an impact. Here, you'll collaborate with a diverse, talented team that prioritizes growth and continuous learning. We are committed to the professional development and personal well-being of our employees, offering tailored learning paths, flexible working arrangements, and a supportive, inclusive culture that celebrates diverse perspectives.

With us, you’ll have the opportunity to shape the future of EAM technology. Whether you're supporting our clients' journey or contributing innovative ideas to our solutions, every team member plays a role in our mission to empower asset owners and technicians worldwide. Our culture thrives on mutual respect, decisiveness, and the drive to achieve results, all while fostering adaptability and creative problem-solving.

The position:

IFS Ultimo has a mature InfoSec organization where continuous improvement, strategic oversight, and business alignment are key. As an ISO, you will have the opportunity to lead and develop our information security strategy, conduct risk assessments, and ensure compliance with industry standards. We support your growth and development, providing opportunities to work on exciting projects and initiatives. 

IT Services is responsible for all crucial aspects of the IT domain, such as information provision, data integration, key applications, and IT infrastructure. Collaboration within the team and IFS Ultimo is important to us, both in the office and from home. Together with the various stakeholders within IFS Ultimo, we are working on solutions and services that support the business to achieve our shared objectives. 

IFS Ultimo has a mature InfoSec organization where SOC 2 compliance, ISO standards, and a risk-based approach are well-established; the ISO's daily routine is less about firefighting and more focused on continuous improvement, strategic oversight, business alignment, and fostering our security-driven culture. 

Key Responsibilities 

• Leadership & Strategy: Develop and implement the organization's information security strategy, aligning it with business goals. 

• Risk Management: Conduct risk assessments, manage the risk register, and oversee the implementation of appropriate controls to mitigate identified risks.  

• Compliance & Standards: Ensure IFS Ultimo remains compliant with industry standards such as SOC 2 and ISO 27001 and any relevant legal or regulatory requirements. You work closely with our legal counsel and our Quality and Compliance Officer. 

• Security Board: You prepare the bi-weekly meetings with the members to discuss all security-related events and deviations and the progress of security-related projects; with this team, you ensure that security incidents are handled swiftly and lessons learned are integrated into future strategies. 

• Security Awareness: Although IFS Ultimo has achieved a high level of InfoSec maturity, you are responsible for cultivating a culture of security awareness across the organization to higher levels, ensuring all employees understand and follow security best practices. 

• Vendor and Third-Party Management: Evaluate and monitor the security posture of our key third-party vendors, ensuring their practices meet organizational standards. You also play an active role in supporting our business process owners and system owners in the periodic vendor assessments. 

• PMO: Your role goes beyond implementing policies. Working closely together with the IT team on IT security improvement projects is also part of the job, as is supporting Sales when Security Questionnaires need to be reviewed. 

Key Skills:

• You have at least a bachelor's degree in ICT or security.

• Strong understanding of SOC 2, ISO 27001, GDPR, and other relevant security standards.

• Skill in risk management and conducting detailed risk assessments.

• Hands-on experience with security technologies, such as firewalls, intrusion detection/prevention systems (IDPS), Security Operation services, and encryption.

• Excellent leadership, communication, and interpersonal skills to work across departments and with executive teams.

• Ability to foster a strong security culture in the organization.

What do we offer:

• A permanent contract for a full-time position (40 hours). 

• Salary aligned with your experience level and market standard + 8% holiday allowance.

• 25 vacation days with the option to purchase 5 additional days.

• Good pension scheme (50/50).

• Incentive scheme.

• Fixed net monthly telephone, home office, and internet allowance.

• Laptop plus everything you need for a good (home) workplace.

• Corporate Social Responsibility (CSR) day, allowing you to take one paid day off per year to participate in volunteer work.

• Read a detailed overview of our compensations & benefits on our career page.

Application and process

If you think this position is the next step in your journey, let us know by hitting the apply button. From there we look closely at your CV and preferably also at your motivation letter. We invite you for a video call for the first meeting and we will inform you about the next steps.

For questions: livelinkyourcareer@ultimo.com or +31 341 42 37 37