Senior Information Security Engineer

Hybrid
- Amsterdam, Noord-Holland, Netherlands
Information Security and Compliance

Job description

Salary: up to EUR 85,000 plus excellent secondary benefits (see below)

Hybrid: From home and our office at Amsterdam Central Station

Location: Netherlands-based
Work Hours: 37.5 hours per week, full-time basis

We are seeking an experienced Information Security Engineer who is passionate about supporting the well-being of the Internet. In this role, you'll have the opportunity to work with advanced technologies, contributing to projects that support the technical core of the Internet.

As a Senior Information Security Engineer, you will play a crucial role in securing the RIPE NCC’s services and data, responding to security incidents, and enhancing our cloud security controls. You will work closely with system, network, and software engineers across the company, supporting the Chief Information Security Officer and our team of Information Security Engineers.

🧠 What you will be doing:

Cloud Security: Implement and mature cloud security controls, particularly in AWS and GCP environments.
Security Infrastructure: Develop and manage information security infrastructure, including network intrusion detection systems (NIDS), security information and event management (SIEM), and endpoint detection and response (EDR).
Threat Analysis: Investigate new security threats and trends.
Incident Response: Participate in security incident processes to investigate and respond to security incidents.
Collaboration: Work with various technical teams to evaluate and implement effective security technologies and architecture.
Security Audits: Assist in security audits and ensure compliance with information security policies.

Job requirements

👀 What we're looking for:

Education: Bachelor’s degree in IT, Information Security, or related fields. Preferred, not mandatory; relevant work experience is a good substitute.
Experience: At least five years in similar roles, with experience in cloud security architectures/services (AWS and/or GCP preferably).
Technical Skills:

Proficiency with security tools like NIDS, SIEM, EPP, EDR, Linux command-line tools.
Experienced in developing and implementing automations (Python programming experience preferred).
Good relational database skills (querying large and complex datasets).

Soft Skills: Strong security mindset, ability to prioritise and manage workload, complex problem-solving skills, innovative thinking, stakeholder management, and a hands-on mentality.
Language Proficiency: Proficiency in English (both written and spoken).

We would also appreciate:

Security certifications such as AWS Certified Security, Google Professional Cloud Security Engineer, GIAC, or CISSP.
Experience with programming languages, CI/CD tooling, and infrastructure as code.
Knowledge of security frameworks like CIS Critical Security Controls, ISO 27001, and/or COBIT.

📢What you can expect from us:

A flexible and informal work environment with an emphasis on healthy work/life balance. We are in the office on Mondays and Thursdays and work remotely the rest of the week.
An annual salary between EUR 72,000 to EUR 85,000 (before tax). This includes the standard 8% annual “holiday pay”.
Excellent secondary benefits: 5% end-of-year allowance, annual budgets for health, transportation and technology purposes, non-contributory pension scheme, paid parental leave, top-tier health insurance coverage for you and your family and 33 vacation days (full-time 37.5 hours).
A generous training budget each year that can be used for professional development.
An in-house free barista providing healthy, varied lunches on Tuesdays and Wednesdays and nice breakfasts on Thursdays, plus regular office drinks.
Delightful team events such as: Team outings, Christmas party and a summer BBQ.

👥The Information Security department

We’re a team of Information Security engineers and practitioners who care deeply about the good of the Internet. We like to find security issues and fix them, automate as much as we can, do threat hunting, respond to incidents, and have fun along the way. We’re active in the RIPE and CSIRT communities, attending their events, sharing our knowledge, and learning from our peers.

🛜About the RIPE NCC

The RIPE NCC is a not-for-profit organisation founded on the belief that the Internet should be governed openly, transparently and together with the wider Internet community. We are one of the oldest Internet organisations in Europe and are proud of our legacy.

Our strength is our staff. We bring together more than 180 people from over 40 countries in our modern, vibrant office in the east wing of Amsterdam Central Station. Currently, we have a hybrid way of working and allow our staff to work from their homes and the office. Our official working language is English, but our colleagues speak more than 30 languages.

Our backgrounds are diverse, but our goal is the same: we work for the good of the Internet. Will you join us?

📋How to apply

If interested, please click the ‘Apply’ button and submit your CV and cover letter in English. Not ready to apply yet? Then send an email to openings@ripe.net, and we can have an informal chat.

At the RIPE NCC, we are proud to serve our members and the RIPE community in 76 countries across Europe, the Middle East and Central Asia. We celebrate unique perspectives and talents from different backgrounds and cultures. So if you're passionate about what you do and want to help shape the future of the Internet, apply now - we'd love to hear your story.

Please note that due to the nature of our activities, we will require successful candidates to follow a pre-employment screening (conducted by our partner Validata). This involves requesting a criminal record and education certificates.

MEET THE TEAM:

What’s it like working in information security at the RIPE NCC? We sat down with Bryce Verdier, who has been a Specialist Information Security Officer with us for one year. Here’s what he had to say.

👉 What do you like the most about working at the RIPE NCC?
Every day comes with new challenges. And while that is normal for a lot of Information Security roles in the world, it is especially true at the RIPE NCC. Also, working for an organisation that helps maintain the Internet provides meaning to the work. Not everyone gets to say that they help protect “the Internet”.

👉 Which are the current challenges of your team?
The Information Security team, much like the broader cyber/information security industry, is entering a new stage of maturity. We are focused on making our processes more repeatable and automatable. At the same time, we need to engage more with internal and external stakeholders. Therefore, being a strong communicator, not just a skilled engineer, is essential to achieving the group’s goals.

👉 How would you describe the atmosphere in your team?
We are a small team that has a very important role within the organisation. We do our best to be both efficient and effective with the work that we do. Because of this, we try to take care of one another and make sure that there is the space to take care of ourselves.

My information

Fill out the information below

Full name

Email address

Phone number

CV or resume

Upload your CV or resume file

Upload a file or drag and drop hereAccepted files: PDF, DOC, DOCX, JPEG and PNG up to 50MB.

Cover letter

Upload your cover letter

Upload a file or drag and drop hereAccepted files: PDF, DOC, DOCX, JPEG and PNG up to 50MB.

Questions

Please fill in additional questions

Is this vacancy referred to you by one of RIPE NCC's employees? If so, please mention their name below.

Legal Agreements

Senior Information Security Engineer

Job description

Job requirements

Thanks for your application!