IT Security Officer
KRUSH Labs
full-time
Posted on:
Location Type: Hybrid
Location: Eindhoven • 🇳🇱 Netherlands
Visit company websiteJob Level
Mid-LevelSenior
About the role
- Develop, implement, and continuously update ISMS and BCMS documentation, including policies, procedures, and standards.
- Conduct and support Business Impact Analysis (BIA) for essential business and research processes.
- Perform risk assessments for organizational processes, assets, and ongoing projects; track and support mitigation activities.
- Develop, maintain, and periodically test business continuity, crisis response, and disaster recovery plans.
- Support the implementation and ongoing compliance with ISO 27001, ISO 22301, and other relevant standards.
- Prepare documentation and evidence for internal and external audits; participate actively in certification and surveillance audits.
- Deliver employee training and awareness programs on information security and business continuity.
- Configure and maintain log collection and integration with security monitoring systems (SIEM).
- Keep security systems up to date through patching, configuration hardening, and regular control checks.
- Participate in security enhancement projects within the Microsoft 365 environment (Exchange Online, SharePoint, OneDrive, Teams, Intune, Defender for 365, Entra ID).
- Collaborate with development, infrastructure, and GRC teams to ensure secure design, deployment, and operation of systems and solutions.
Requirements
- 5+ years of experience in information security and/or business continuity roles.
- Hands-on experience developing, implementing, and maintaining ISMS and BCMS documentation and operational processes.
- Strong knowledge of ISO 27001, ISO 22301, and other relevant standards and frameworks.
- ISO 27001 Lead Implementer/Auditor and ISO 22301 Implementer/Auditor certifications.
- Practical experience conducting audits and participating in certification projects.
- Deep understanding of Microsoft 365 architecture and security components, including:
- Exchange Online, SharePoint Online, OneDrive, Teams
- Intune, Defender for 365, Entra ID
- Experience with security monitoring, log integration, and incident response.
- Strong knowledge of risk management methodologies and continuity planning.
- High attention to detail and accuracy in security documentation and system configuration.
- Strong analytical and problem-solving skills, particularly in risk assessment and continuity planning.
- Ability to work independently and collaboratively across multidisciplinary teams.
- Clear and effective communication skills for training, documentation, and cross-team coordination.
- Proactive approach to identifying vulnerabilities, improving processes, and enhancing overall security posture.
- Experience in a technology, R&D, or high-innovation environment (preferred).
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
ISMS documentationBCMS documentationBusiness Impact Analysisrisk assessmentsbusiness continuity planningdisaster recovery planningsecurity monitoringlog integrationincident responserisk management methodologies
Soft skills
attention to detailanalytical skillsproblem-solving skillsindependent workcollaborative workcommunication skillsproactive approach
Certifications
ISO 27001 Lead ImplementerISO 27001 AuditorISO 22301 ImplementerISO 22301 Auditor