Information Security Officer
Listed on 2026-05-30
IT/Tech
Cybersecurity, Information Security
Overview
In the fight against breast cancer, every medical image is an opportunity: to unlock insight, to uncover risk, to embody health, to empower life. ScreenPoint’s Transpara Breast AI delivers unmatched precision for breast radiologists and helps define personalized care pathways for every woman we serve. Make your mark as part of The Breast AI Company.
We are looking for an Organizational Information Security Officer to lead and mature ScreenPoint Medical’s information security program. You will own the strategy, governance, and day‑to‑day execution needed to strengthen our security posture, support responsible growth, and keep the organization continuously audit‑ready.
This is a global role with a strong focus on ISO 27001 and SOC 2. You will work closely with Innovation, Product Management, Engineering, Quality, Regulatory, Infrastructure, Privacy/Legal, and Commercial teams to embed security into how we operate the organization. As ScreenPoint continues to become more AI‑native, you will help ensure that our use of AI, data, systems, and processes remains secure, responsible, and scalable.
You will translate security requirements into practical controls, clear decisions, and measurable improvements within our Information Security Management System (ISMS).
- ISMS leadership and security roadmap:
Own, maintain, and continuously improve the ISMS, including governance processes, documentation, security objectives, management reviews, KPIs, and an organization‑wide roadmap aligned with business goals and the QMS.
- ISO 27001 and SOC 2 control framework:
Lead the implementation, operation, and continuous improvement of our security control environment. Maintain the control set, clarify control ownership, define operating cadences, collect evidence consistently, support audits, and track remediation so we remain audit‑ready rather than audit‑rushed.
- Governance, risk, and policy management:
Build and operate a pragmatic security governance model, including policies, standards, risk assessments, risk treatment plans, exception handling, and leadership reporting. Translate security risks into business impact and actionable decisions.
- Security architecture and secure operations:
Partner with Infrastructure and Engineering to strengthen secure foundations across IAM, endpoint security, cloud security, logging and monitoring, encryption, backup and recovery, and vulnerability management.
- Incident response and preparedness:
Own incident response planning and coordination, including playbooks, tabletop exercises, escalation paths, communication plans, and post‑incident reviews. Collaborate with Privacy/Legal when incidents may affect customers or regulated data.
- Third‑party and vendor security:
Establish and run a vendor risk management process, including supplier security reviews, contract/security requirement input, risk‑based monitoring, and follow‑up for critical suppliers.
- Security culture and enablement:
Build a security‑first culture through practical training, clear guidance, and stakeholder enablement. Act as the primary point of contact for security inquiries, customer assurance requests, audits, and security‑related decision‑making.
- AI‑native security governance:
Support ScreenPoint’s transition into an AI‑native organization by helping define practical security principles for the responsible use of AI tools, data, automation, and emerging technologies. Partner with teams to balance innovation, speed, compliance, and risk management.
- Strong working knowledge of ISO 27001 and/or SOC 2, including translating requirements into implementable controls, evidence routines, and operating rhythms.
- Experience with risk management, policy development, control design, control testing, and remediation tracking.
- Practical understanding of IAM, cloud security, endpoint security, logging and monitoring, vulnerability management, encryption, backup/recovery, and incident response.
- Strong stakeholder management skills and the ability to influence Engineering, Product, Infrastructure, Quality, Regulatory, Commercial, Privacy/Legal, and leadership stakeholders.
- Excellent written and spoken…