Information Security & Privacy Officer

Apply now

Information Security & Privacy Officer

Join Sqills and protect every journey with S3 Passenger.

Full-time · Enschede

Sqills, a pioneering SaaS company based in Enschede, the Netherlands, is at the forefront of transforming the transportation industry with our innovative product, S3 Passenger. Our mission is to empower transportation operators with cutting-edge solutions that streamline operations, enhance customer experiences, and drive digital transformation. To uphold our commitment to top-tier security and reliability, we are looking for a highly skilled Information Security and Privacy Officer. The ideal candidate will possess a hands-on approach, deep technological expertise, and comprehensive knowledge of GDPR, PCI DSS, and ISO 27001:2022 standards. 

As the Information Security and Privacy Officer at Sqills, you will play a pivotal role in safeguarding our SaaS platform and ensuring the security and integrity of our clients' data. With a strong focus on technology and innovation, you will lead our efforts to maintain and continuously improve robust security measures aligned with ISO 27001:2022 standards. This role requires a hands-on approach, practical mindset, and a deep understanding of both cybersecurity best practices and the unique challenges of a SaaS environment.

What will you do?

As a member of our team, you will play a crucial role in maintaining and continuously improving comprehensive information security policies, procedures, and controls tailored to the specific requirements of the S3 Passenger platform. You will ensure compliance with GDPR as a data controller by maintaining and continuously improving the register of processing for Sqills.

Your participation in a multidisciplinary security and privacy team will be essential, conducting regular risk assessments and security and privacy impact assessments. You will act as the spokesperson for the security and privacy team, engaging with prospects, customers, external auditors, and other stakeholders to explain the security and privacy controls applied by Sqills.

In the event of privacy breaches, you will serve as the principal contact for Data Protection Officers of customers, ensuring effective communication and resolution. You will perform assessments on security and privacy requirements from prospects, customers, or other stakeholders to identify gaps between existing controls and new requirements. Additionally, you will conduct internal security audits to validate the design and operating effectiveness of security controls, adhering to ISO 27002:2022 standards, PCI-DSS standards, and other security requirements adopted by Sqills.

Staying up-to-date with the latest cybersecurity trends, emerging threats, and technological advancements will be a key aspect of your role, providing strategic guidance and recommendations to enhance our security posture. You will also foster a culture of security awareness across the organisation through training programs, workshops, and proactive communication initiatives, ensuring that our entire team is equipped to handle security challenges.

We are looking for someone with...

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field;

  • Minimum of 5 years of hands-on experience in information security;

  • In-depth knowledge of ISO 27001:2022 standards, either by proven experience implementing and maintaining ISMS (Information Security Management Systems) or as lead auditor for ISO 27001 certifications;

  • Excellent communication and collaboration skills, with the ability to effectively engage with technical and non-technical stakeholders at all levels of the organisation.

Why join us?

At Sqills, you'll have the opportunity to work on groundbreaking technologies and shape the future of the transportation industry. We offer competitive compensation, flexible work arrangements, and a dynamic, collaborative work environment where innovation thrives. Join us in our mission to revolutionize transportation with secure, scalable, and innovative solutions.

Curious?

Our software is complex enough, applying for a job shouldn’t be. That's why we only want some basic information.

AWS

Having our microservices running on AWS makes us scalable for any customer anywhere in the world.

React

With React, we can create interactive UIs without too much effort.

TypeScript

With TypeScript we make developing in JavaScript even more effective.

GIT

Version management...what else would you use?

Cypress

Automate front-end testing.