YOU RECOGNIZE YOURSELF IN THE FOLLOWING:

• Strong experience with stakeholder engagement and influence, reaching alignment on the best way forward in stakeholder groups with differing perspectives;
• Good experience analyzing security threats and risks from a business perspective, and the measures needed to limit them, both at organizational and technical level;
• Knowledge of existing approaches and experience defining security governance structures, processes, and operating models;
• Knowledge of methods, best practices and standards in the field of security, such as NIST 800-53, ISO 27001, ISF SOGP, NIST CSF;
• Broad experience/exposure to different security domains with deep knowledge on some (we do not place specific requirements on which areas you need to have depth in);
• Excellent communication skills, ability to provide structure and communicate complex terms in clear simple language, both orally (conversations, presentations) and written (writing of sound reports, appropriate to the target group and tailored to the needs of the client);
• You have a BSc, MSc or equivalent degree;
• You have excellent command of English (must have) and Dutch (strong preference);
• Prior experience in a CISO support, security strategy, or security product management role is a plus.

As a security strategy consultant, you work with clients to define the key strategic imperatives for security, translate them into initiatives to be implemented and design the right organization structure (security operating model) to enable execution of these initiatives. Working together with senior executives, you help ensure that security serves as an enabler to the rest of the organization, and help them gain visibility on the effectiveness of security through facilitation of management insights and reporting.