Information Security Officer

BNG is the fourth-largest bank in the Netherlands and is driven by social impact. Our focus is on providing financing that contributes to a more social, sustainable and future-proof Netherlands.

As an Information Security Officer within the Product Management Security team, you help BNG demonstrably strengthen security and embed it in products, processes and development. You support teams with security assessments, guide penetration tests and ensure that findings are followed up. With your advice and sharp risk perspective, you embed security by design in applications and cloud developments.

What will you be doing?

As an Information Security Officer within the Security department, Product Management Security team, you contribute to developing and managing BNG’s security products, services and processes, so that they demonstrably support digital resilience, compliance and trust. You help translate strategic security objectives into concrete product roadmaps and ensure that solutions align with both internal governance requirements and external regulations (such as DORA and ISO27001). As of 1 May 2026, Product Management Security must also demonstrably contribute to an integrated and future-proof security landscape, in which products and processes not only meet compliance requirements, but also structurally strengthen BNG’s digital resilience.

Your focus is on developing and improving security products and services, such as monitoring tools, vulnerability management solutions and reporting instruments, with usability and effectiveness at the core. You ensure a clear lifecycle approach: from needs analysis and design through to implementation, maintenance and evaluation. You work closely with Security Operations, IT and other value chains to ensure that products are not only technically robust, but also strategically relevant and explainable from a governance perspective.

In your day-to-day work, you apply Shift Left by embedding security and compliance early in the development process (CI/CD, code analysis, developer awareness), so that vulnerabilities are discovered and resolved faster. In addition, you identify innovation and improvement opportunities and translate external insights and sector best practices into new functionalities and improved security products and services. Transparent communication and persuasive skills are essential to build support and ensure that security products are truly adopted and used effectively within BNG.

From your role, you support development teams and stakeholders in securing processes and systems. You set up and continuously improve application software security, perform security assessments and coordinate penetration tests. You actively follow up on penetration test findings with the teams and advise and challenge projects and teams on security requirements, with an emphasis on security by design.
You deliver standard to complex analyses and implement new solutions within a specific domain. You initiate improvements, set your own priorities and coordinate tasks in (parts of) projects.

Your workplace

You report to the Head of Value Chain Security. You are part of the Security department within the Product Management team.
The Product Management team consists of approximately 6 employees, including the ISOs and the Product Manager. You work with various internal and external stakeholders such as DevOps teams and BISOs, and collaboration with our suppliers is also part of your responsibilities.

What we ask of you

• You have HBO/WO (higher professional/university) level of working and thinking; a completed degree such as Cyber Security, (Technical) Computer Science, Information Security Management, IT & Security Management or Computer Science.
• Additional security certifications (preferred): CISM, CRISC, CISSP, etc.
• At least 3 to 5 years of experience in information security or a related role.
• Demonstrable experience with, among others, IT audits, risk assessments, supplier assessments, TLPT trajectories and application software security.
• Comfortable using technical jargon; experience with software development in a cloud environment, integration of SaaS services and/or migration of on-premise software to the cloud.
• Good command of Dutch and English, both spoken and written.
• In-depth knowledge of IT, data, digitalisation and process management, enabling you to collaborate effectively in an organisation that is digitally and process-oriented, and where customers increasingly do business with BNG digitally.
• Basic knowledge of how a bank operates. This enables you to understand processes, products and regulations within a financial institution, so that you can contribute effectively in an environment where social responsibility and financial services come together.

What do we offer?

What can you expect when you come to work at BNG Bank? You will be working for a sustainable and societal conscious bank, where the interests of our customers are paramount in everything we do. We do this together, with each other and with our customers. We connect, develop as people and professionals, and value you for who you are and what you contribute. The work we do is special, but we remain modest. This is what we pride ourselves on. We are a reliable employer with a clear mission. With us, you can deliver outstanding performance and you will be given a lot of responsibility right away. Of course, you can also count on good working conditions, such as:

• A competitive salary. Salary will be determined based on education and experience.
• A 13th month and 8% holiday allowance (paid monthly);
• Hybrid working. You will receive a home office compensation of €750 every 5 years and an expense allowance for working from home of €4 per day worked;
• Travel allowance of €0.23 per kilometre and full reimbursement of public transport costs based on second class travel;
• Personal development opportunities via our Archipel training platform. We believe it is important that you continue to develop, which is why you can make unlimited use of this platform;
• 216 hours of holiday per year based on a 36-hour working week and the option to buy and sell hours;
• A sports allowance worth €400 net per year;
• A bicycle plan worth €3,000 per 3 years;
• Free chair massages, boot camp/yoga;
• Once every 7 years, you can take two consecutive months of vitality leave.

And much more... discover it for yourself!

More information

If you have any questions about the position or the application procedure, please contact Imran Ahmed, Corporate Recruiter, +31 627285212 or via werkenbij@bngbank.nl

Procedure

Our selection procedure consists of a telephone introductory interview with the recruiter and a maximum of two selection interviews, followed by a proposal of terms of employment. In accordance with our recruitment and selection policy, internal candidates will be given priority if equally suitable. A pre-employment screening is part of the application procedure.

No unsolicited acquisition

In order to submit CVs to BNG Bank N.V., an external recruitment agency must have entered into an agreement to this effect with BNG Bank N.V. Whereby, a CV may only be submitted if the agency has been invited to assist in the search for suitable candidates for a particular position. BNG Bank N.V. will not treat any unsolicited CVs submitted outside these conditions as direct applications from the candidate. An agency that sent the unsolicited CV cannot derive any rights from the foregoing. BNG Bank N.V. is not liable for any placement fees or any other compensation. Unsolicited CVs will not be returned by BNG Bank N.V.