Information Security Officer (ISO)

Company Description

We are SNV

SNV is a global development partner, deeply rooted in the countries where we operate. We are driven by a vision of a better world: A world where across every society all people live with dignity and have equitable opportunities to thrive sustainably. To make this vision a reality, we need transformations in vital agri-food, energy, and water systems. SNV contributes by strengthening capacities and catalysing partnerships in these sectors. We help strengthen institutions and governance, reduce gender inequalities and barriers to social inclusion, and enable adaptation and mitigation to the climate and biodiversity crises (SNV themes).  

Building on 60 years of experience we support our partners with technical and process expertise and methodological rigour. We do this in more than 20 countries in Africa and Asia with a team of approximately 1,600 colleagues. By being adaptable and tailoring our approaches to these different contexts, we can contribute to impact at scale, resulting in more equitable lives for all. 

Our core values of people-centeredness and respect, equity and equality, and diversity and inclusion are fundamental to who we are and what we do. This is reflected in our vision, mission, and strategy, which set out our aspirations and commitments as our compass towards 2030.

For more information on SNV, please refer to our website: www.snv.org    

Job Description

Your role
The Information Security Officer provide expertise, support and guidance to all teams at SNV on implementing, maintaining and reporting on information security posture around confidentiality, integrity and availability. The ISO will function within the context of SNV's comprehensive Information Security Governance Framework, which includes maintaining a robust Information Security Management System (ISMS) based on industry standards such as ISO/IEC 27001.

This is a new position within a newly established information security organization at SNV, reflecting the organisation's commitment to enhancing its security posture. The ISO will support the Global Information Security Officer (GISO) in executing the information security strategy and will deeply collaborate with the country teams and the various global teams to conduct risk assessments, propose and implement measures in line with the Information Security policy and support in manage information security incidents. This role is pivotal in fostering a culture of information security awareness and ensuring that SNV's information security measures are aligned with its strategic goals and regulatory requirements.

The Information Security Officer reports to the Global Head of ICT and has a functional reporting line to the Global Information Security officer (GISO). It is the intend that over time the ISO will grow into the GISO role. The GISO role is currently fulfilled on a part-time basis by an expert consultant.

Context of the role
SNV has set out a strategy to further mature its information security function. With increasingly digitalized management across all SNV’s operations, it becomes crucial to ensure there is full control over all our digital assets and information. This is especially relevant as SNV works and collaborates with many partner and donor organizations across all its projects which creates additional complexities in the landscape of information governance. Furthermore, SNV will likely establish a multi-year Digital Transformation roadmap focusing on increased impact and operational excellence. This will require more robust and fully embedded information security practices in the organisation.

Key job responsibilities
The main responsibilities of the ISO are the following:

• Support in developing, maintaining and implementing information security measures, processes and procedures
• Support in preparing and conducting Business Impact Assessments and Risk Assessments
• Support GISO in preparing and executing the annual information security plan
• Respond to and manage information security incidents and breaches, including conducting investigations and proposing and implementing corrective actions
• Support the GISO in ensuring compliance with relevant data protection laws and regulations
• Coaching and guiding of Information Security Ambassadors to ensure the ISA’s are enabled to translate the information security policy and procedures into concrete measures that need to be implemented and embedded into the work processes of their respective team as well as support the ISA’s in reporting back on information security posture of their team.
• Developing and maintaining guidance for SNV employee’s on how to put the information security policy into practice in day-to-day work.
• Be champion and go to person for information security related questions from the organization. Leverage the SNV Intranet to share guidance information.
• Expertise: Stay up to date with the latest security systems, standards, authentication protocols, and products. Build and grow expertise through formal training and certifications as well as participating in information security related communities and events.
• Collaboration: Coordinate with technology and business teams to assess risk and stay abreast of cybersecurity threats
• Reporting: Review, analyse, and deliver reports on security incidents to senior management as well as overall state of information security against plan.

Qualifications

To be considered for this role, you will need: 

• Higher professional education or university level
• Understanding of ISO27K controls
• 2 to 3 years of experience in a (C)ISO role or a role that was exposed to information security aspects
• Experience with implementing information security measures and controls across an organisation; performing risk assessments and risk analyses methods
• Experience with providing coaching and guidance from an expertise role to people and teams
• Knowledge of general business management, organisational governance systems and cybersecurity
• Solid understanding of the EU General Data Protection Regulation
• You take initiative and are creative in solving problems
• Ability to work with, guide and foster productive collaboration with hybrid teams across the entire SNV organisation
• You are eager to help grow information security awareness and practices across the organisation
• You are willing to learn
• Willingness to travel a few times per year
• Strong oral and written communication skills in English
• Solid computer skills in MS-applications (Word, Excel, Outlook, Powerpoint, Internet, etc.)

Additional Information

Working for SNV 
We are home to 57 cultures working in over 20 countries, with about 95% of our team members holding the nationality of the respective countries we work in. We promote (international) career development. Our workforce consists of a mix of both people with longstanding tenure, willing to share their institutional knowledge, as well as people with external backgrounds and experience. All with an inquisitive view and united in ‘ONE SNV’ working towards our purpose. 

Together, we are committed to the effective and efficient stewardship of resources and maximising positive, lasting impacts. Our ability to deliver results rests on our robust foundation of experience, technical knowledge, evidence and learning; our commitment to strengthening capacities and catalysing partnerships; and the relationships and trust of those we work alongside. 

At SNV, inclusivity is at the heart of our ethos. We celebrate the diversity of our workforce and uphold a policy of non-discrimination based on factors such as disability status, religion, ethnic origin, gender, sexual orientation, and more. 

We offer a stimulating work environment, opportunities to lead and innovate, and a commitment to growing your skills in a fulfilling international working environment.  

Other Information

• Contract type: National employment contract - fulltime/40 hours a week. initial contract duration: 12 months  

• Duty station (hybrid work model): The Hague / The Netherlands 

• Expected start date: November 2025

How to Apply
If you meet the requirements and are excited about this opportunity, we would love to hear from you. Apply today by uploading your CV and motivation letter by 6th of August at the latest.

Reference & Vetting Check
Potential candidates will be asked to provide the contact details of a person who is willing to act as a reference; this could be a university professor or a line manager from a previous job assignment.

SNV carries out rigorous background and reference checks concerning possible safeguarding incidents for all candidates applying for International determined positions. As SNV participates in the Inter-Agency Misconduct Disclosure Scheme, all reference checks include a request to past employers to fill in a questionnaire regarding Misconduct (sexual exploitation, sexual abuse, or sexual harassment), the “Statement of Conduct". This Statement of Conduct adopts the definitions used in the Scheme.