Chief Information Security Officer

Job description

Purpose

  • The CISO has global responsibility for setting up, developing and advising on a global vision, strategy and roadmap for security, risk and compliance in collaboration with the regions.
  • The main objective is to raise security and risk awareness in order to increase the maturity of security, risk and compliance management across all of ERIKS.
  • Monitoring and evaluating the control and effectiveness of security policies and controls.
  • Ensuring the right balance between minimizing risks and realising the optimal business value.
  • Overall coordination in the case of data breaches.
  • Facilitating the regions in enabling and embedding security, risk and compliance policy through a pragmatic, effective and collaborative (Agile) approach.
  • Integral overview of performance of all regions and Holding.
  • Reports directly to the CDIO.
  • Indirect alignment with SHV CISO.
  • Indirect management of a federated team of regional security managers.

Strategy

  • Set out the strategic and tactical roadmap regarding information security, risk and compliance in collaboration with the Risk Management Officer and Compliance Officer.
  • Align security initiatives with ERIKS programs and business objectives, and ensure that information assets and technologies are adequately protected.
  • Establish annual and long-range security, risk and compliance goals; define security strategies, metrics, reporting mechanisms and program services; create maturity models and a roadmap for continual program improvements.
  • Identify and ensure implementation of corporate best practices in the relevant areas within ERIKS.
  • Set up and maintain the minimum set of requirements regarding performance and improvements for ERIKS internal and external suppliers regarding security policies and services.
  • Maintain a group wide information security project portfolio.

Leadership

  • Provide a leadership philosophy for the Information Security Office that creates a strong bridge between the regions, builds respect for the contributions of all stakeholders and brings them together to share information and create better decisions, policies and practices.
  • Promote collaborative, empowered working environments across ERIKS, removing barriers and realising possibilities.
  • Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies.
  • Lead information security planning processes to establish an inclusive and comprehensive information security program for the entire company.
  • Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.


Implementation

  • Manage regulatory compliance for security-related matters across all of ERIKS.
  • Ensure the effectiveness of security controls as well as compliance, risk and data privacy related measures.
  • Support ERIKS regions, Holding and other business units in achieving the information security strategic goals.
  • Establish and oversee the organisation's security architecture.
  • Support projects and programmes with guidance on security best practice and compliance.
  • Evaluate the reporting of the 2nd line of defence concerning the effectiveness of the security, risk and compliance controls.
  • Report to and advise the board about the ambitions, performance and progress regarding security, risk and compliance.
  • Frequently review major projects and controls for information security compliance, and take an active role in project steering committees addressing information security.
  • Develop and drive an information security management system and security strategy aligned with minimum SHV Corporate standards and guidelines.
  • Develop and maintain information security awareness at all levels within the organisation.
  • Report directly to the Board and regulators in case of major security incidents/breaches.

Knowledge and Skills

  • Ability to fulfil an exemplary role for the company and being the source of information for the organisation.
  • Ability to guide proposals in a structured way that helps management and the board in decision making.
  • High level of organizational sensitivity and strong leadership skills.
  • Strong knowledge and understanding of business needs with the ability to establish a high level of customer trust and confidence.
  • Creative approach to problem-solving with the ability to focus on details while maintaining the “big picture” view.
  • Experience with setting up a security strategy and information security management system.
  • Proven knowledge of and experience with information security (e.g. CISSP, CISM, CISA or other equivalent certification).
  • HBO/university degree and working experience in a similar position.
  • Excellent interpersonal and communication skills, written and spoken English.


Requirements

What's in it for you

  • Attractive remuneration package, including 37 vacation days
  • Business tools (laptop and mobile phone)
  • Hybrid work model
  • Have real impact and be empowered to deliver change
  • A nice office next to Amstel station with a good lunch
  • An excellent career perspective within ERIKS or other SHV Group Companies. For more information go to www.shv.nl


About ERIKS

80 years ago, ERIKS started as a supplier to the dairy industry in the Netherlands, providing mechanical components and tools that helped dairy plants increase efficiency. Since then, the company kept innovating, evolving, and expanding. Through a consistent focus on technology and service, it became a key sparring partner and service provider for a range of industries. Among its clients are high-tech manufacturing and food companies (such as ASML and Heineken), energy industry players (from windmill operators to power plants), heavy vehicle manufacturers (making cars, ships, or airplanes), construction firms, medicine production businesses, and more.

For these clients, ERIKS provides a wide range of technical products (for instance hoses and valves), co-engineering, customization solutions, and related services. Technical teams are at customers’ beck and call for sophisticated support and advice – from design to smart maintenance. And on the local web shops, customers can easily order tools or component parts.


“We provide products and know-how in a way that has a direct impact on the economy. In each household you’ll find at least one item of which the production was improved with help from ERIKS.” – Floris Jan Cuypers, COO at ERIKS


Dutch DNA, global culture
With its expansion into 17 countries and many different industries, ERIKS became a global organization, with a truly international culture and vision and with talent, experts, and client relationships from everywhere. Meanwhile, its headquarters and roots are in The Netherlands. The company is owned by SHV, a family-owned Dutch group with a portfolio of seven companies that together employ nearly 60.000 people worldwide. The culture at both SHV and ERIKS is built on integrity, entrepreneurship, and a core value of investing in people. With its 6.500 employees and nearly 2 billion Euros revenue, ERIKS is an established corporate – yet one with the entrepreneurial drive and willingness to invest that is often found at younger, smaller, PE-backed businesses.


Digital transformation
ERIKS now finds itself in a very exciting phase: that of a companywide digital transformation. The potential of digital technology for ERIKS extends to all business aspects, from easy business workflows to direct commercial purposes. Digital technology can advance ERIKS e-commerce channels as well as offer new innovations and service propositions that are partially or fully digital. Examples include the proposition of Smart Asset Management (IoT) or ‘ERIKS Wiki’, a knowledge mining database for employees and

years people, operating model, architecture, governance, and strategy will take full focus.


Eriks Digital is an equal opportunity employer and strives for equal treatment for all genders. Eriks Digital adheres to ethical recruiting methods ensuring that we do not discriminate against any candidate because of age, disability, gender reassignment, marriage or civil partnership, pregnancy and maternity, race, religion or belief, sex, or sexual orientation. This is a fundamental part of our values and beliefs and we strive to create an inclusive environment where everyone can reach their potential.