Senior Information Security Officer

Hybrid: from home and our office at Amsterdam Central Station

Salary: between 68,000 EUR to EUR 80,000 (before taxes) plus excellent secondary benefits (see below)

Full-time: 37.5 hours per week 

IMPORTANT: you should be living in the Netherlands or willing to relocate

We are seeking an experienced Senior Information Security Officer who is passionate about supporting the well-being of the Internet. In this role, you will take the lead in securing the RIPE NCC’s services and data, proactively addressing security challenges, and shaping the evolution of our security operations. As a trusted partner, you will collaborate with teams across the organisation to build resilient solutions that protect our digital ecosystem.

If you are motivated by solving complex security challenges and making a meaningful impact, we would be delighted to hear from you.

🧠 What you will be doing: 

• Security Governance: Contribute to the execution of the information security strategy. Establish and enforce security policies, procedures, and standards to mitigate risks.

• Security Reviews and Advisory: Perform regular security assessments and application security reviews to identify potential threats and weaknesses.  Effectively communicate security findings and work closely with various internal stakeholders to identify, advise, and implement security improvements. 

• Vulnerability Management and Testing: Identify, track, prioritize, and collaborate with technical teams to remediate vulnerabilities effectively. Perform testing to identify vulnerabilities and validate security controls.

• Security Incident Management: Lead security incident response efforts. Collaborate with internal teams and external partners for effective incident response and risk reduction.

• Training and awareness: Develop and deliver security awareness training programs for employees. Actively promote awareness of security practices. Act as a security advisor during product planning and development phases to balance usability, performance, and security.

👀 What We're Looking For:

• Bachelor’s degree in Computer Science, Information Security, or a related field; advanced degree preferred.

• 5 years of experience in Information Security with proven expertise in securing hybrid environments, particularly Linux-based systems and AWS cloud services.

• Hands-on experience with security reviews, vulnerability assessments, and security controls implementation.

• Knowledge of security frameworks, standards, and best practices, such as ISO27001, NIST CSF and OWASP.

• Proficiency with security tooling such as SIEM, EDR, SAST, DAST, PAM, etc.

• Experience in leading security incident response and anticipating potential threats.

• Excellent communication in English (Written and Oral), interpersonal skills and partnership building.

It would be nice if you also have:

• Related certifications such as CISSP, CISM, OSCP, AWS Certified Security, or GIAC.

• Experience with containerization technologies (Docker, Kubernetes) and associated security practices.

📢 What you can expect from us:

• A modern, flexible and informal work environment with an emphasis on a healthy work/life balance

• Flexible work-from-home policy, so you can arrange your weekly office and 'working from home' days in a way that works for you. Working from abroad for a number of days per year is also possible

• An annual salary between 68,000 to EUR 80,000 (before tax). This includes the standard 8% annual “holiday pay”.

• Excellent secondary benefits: 5% end-of-year allowance, annual budgets for health, transportation and technology purposes, non-contributory pension scheme, paid parental leave, top-tier health insurance coverage for you and your family and 33 vacation days (full-time 37.5 hours)

• A generous training budget each year that can be used for professional development.

• Organisation-wide internal training program designed to develop critical soft skills—like feedback, resilience, and leadership—giving you the tools to excel in your career and beyond.

• An in-house free barista providing healthy varied lunches on Tuesdays and Wednesdays and nice breakfasts on Thursdays, plus monthly office social events.

• Casual team events such as team outings, annual Christmas party and summer BBQ.

👥 The Information Security Department

We are a dedicated team of Information Security officers and security engineers with a passion for safeguarding the Internet and enhancing security for everyone. Our focus is on identifying and resolving security issues, automating processes to improve efficiency, strengthening our overall security posture, and ensuring we’re always ready to respond effectively to incidents.

Transparency and collaboration are at the heart of what we do - we actively participate in the RIPE and CSIRT communities, attending events, sharing insights, and learning from our peers, all while maintaining a sense of fun and teamwork along the way.

🛜 About the RIPE NCC

The RIPE NCC is a not-for-profit organisation founded on the belief that the Internet should be governed openly, transparently and together with the wider Internet community. We are one of the oldest Internet organisations in Europe and are proud of our legacy.

Our strength is our staff. We bring together more than 180+ people from over 44 countries in our modern, vibrant office in the east wing of Amsterdam Central Station. Currently, we have a hybrid way of working and allow our staff to work from their homes and the office. Our official working language is English, but our colleagues speak more than 30 languages.

Our backgrounds are diverse, but our goal is the same: we work for the good of the Internet. Will you join us?

📋 How to apply

If interested, please click the ‘Apply’ button and submit your CV and cover letter in English. Adding a cover letter is highly important and appreciated, our team read them carefully.

Not ready to apply yet? Then send me an email to openings@ripe.net and we can have an informal chat.

At the RIPE NCC, we are proud to serve our members and the RIPE community in 76 countries across Europe, the Middle East and Central Asia. We celebrate unique perspectives and talents from different backgrounds and cultures. So if you're passionate about what you do and want to help shape the future of the Internet, apply now - we'd love to hear your story.

Please note that due to the nature of our activities, we will require successful candidates to follow a pre-employment screening (conducted by our partner Validata). This involves carrying out a background check and sharing education certificates.