Information Security Officer (16/24 hours per week)

About this vacancy

Are you a driven Information Security Officer with a strong sense of governance, security, and privacy—and do you know how to pragmatically connect policy and technology with business needs? Then we are looking for you! For our TMC Holding located at the High Tech Campus in Eindhoven, we are seeking a part-time Information Security Officer who will continuously help improve our information security and ensure that we demonstrably comply with the ISO 27001:2022 standard and NIS2 guidelines.

What we expect from you

As an Information Security Officer, you are a key figure within our organization. You work closely with colleagues from IT, Privacy, HR, business cells, and external partners. You are analytical, a strong communicator, and capable of translating complexity into actionable guidelines for the organization.

Your responsibilities:

• Policy & ISMS: Enhancing and maintaining the information security policy and ISMS (including SoA) in accordance with ISO 27001:2022 and NIS2.

• Risk management & compliance: Performing risk analyses, defining control measures, and coordinating internal and external audits.

• Privacy (GDPR): Collaborating with the Privacy Officer/DPO on DPIAs, data processing agreements, data minimization, and awareness campaigns.

• Security awareness: Designing and rolling out training, communication, and campaigns focused on safe behavior.

• Incident management & continuity: Coordinating detection, response, and root cause analyses; supporting business continuity activities.

• Security by design: Advising on security requirements for projects, applications, and cloud platforms (e.g., Microsoft 365/Azure).

• Vendor management: Assessing security aspects of suppliers and contractual agreements.

• RFP/RFI & due diligence: Coordinating and completing security questions for tenders, client requests, and audits—together with the business and IT.

What do you bring?

• Proven experience with ISO 27001 (preferably 2022), NIS2, privacy (GDPR), and IT security.

• Solid IT fundamentals and understanding of technical security measures.

• Excellent command of English (required); Dutch is a strong plus.

• Experience in a multinational environment is a significant advantage.

• Strong communication skills: you make complex topics simple and comprehensible.

• You are analytical, structured, and skilled at convincing stakeholders.

• Preferred: certifications such as ISO 27001 Lead Implementer/Auditor, CISM, or CISSP; familiarity with NEN 7510 is a bonus.

• Availability of 16–24 hours per week (flexible schedule).

What you can expect from us

TMC is an international high-tech consultancy company that brings expertise to its clients to support them in realizing their technological challenges. As such, TMC operates as an expert center at the service of its clients, helping them become more competitive in an increasingly global and rapidly changing technological world. At TMC, we believe that people are the driving force behind technological innovation. That’s why we aim to create the best possible conditions for tech talents to thrive. We offer a challenging and stimulating work environment where you can take charge of your own career. As an Employeneur, you are part of our TMC family. Beyond our outstanding technical expertise, fun and engagement are meaningful aspects of our culture.