Business Information Security Officer (BISO)
Hybrid · Amsterdam, North Holland, The Netherlands
Job Summary
Lead PwC NL CISO office on internal PwC control framework and act as SME for internal audit, including preparation, evidence testing, remediation tracking, and control maturity improvement. Drive ISO 27001, SOC 2, NIS2, and DORA implementations; oversee AI governance and risk management; manage annual security risk assessments; translate global policy into practical standards; embed security across business units; collaborate with auditors, stakeholders, and technology teams; report to senior stakeholders on control status, audit findings, regulatory readiness, and risk themes; foster security awareness campaigns; support hybrid working arrangement in Amsterdam.
Required Qualifications
- 5+ years of professional experience in information security, IT governance, compliance, risk management, and internal control
- Hands-on experience implementing and maintaining ISO 27001, SOC 2, and NIS2
- Security project management experience a strong plus
- Solid understanding of internal audit processes, control testing, issue remediation, and how to build evidence that meets regulator and auditor standards
- Knowledge of AI governance, AI risk, and emerging technology controls
- Previous hands-on IT or cybersecurity experience a strong advantage
- Fluent in Dutch at a professional level
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.