Medior Privacy & Information Security Specialist
Job description
- Process management: Manage and improve our information security and privacy processes within ISMS, PIMS, and QMS;
- Incident management: Lead incident investigations and contribute to structural improvements;
- Compliance management: Support and coordinate compliance activities related to ISO 27001, ISO 27701, and relevant legislation such as the GDPR;
- Risk management: Perform risk analyses, audits, and vendor assessments;
- Security advisory: Proactively identify vulnerabilities and risks, and advise on appropriate measures;
- Security awareness: Support awareness and training initiatives in the areas of privacy and security;
- Stakeholder management: Serve as a sparring partner for colleagues, management, and external parties.
Your team
You'll collaborate closely with colleagues within the Data Protection Group and other teams across Nedap Healthcare. You'll also liaise with external parties such as auditors, suppliers, and regulators. You will use systems like ISMS, PIMS, and QMS to ensure and improve compliance and security.
Our offer
As a Medior Privacy & Information Security Specialist at Nedap, you'll make a valuable contribution to our mission: making people happier and more successful in their professional lives. In addition to your salary, you'll receive a thirteenth month, a solid pension plan, and a profit-sharing scheme with the possibility to become a Nedap shareholder. Everything here revolves around trust and autonomy. That's why you set your own working hours and holidays. We also highly value personal and professional growth. You'll receive a thorough onboarding, and we encourage you to keep developing yourself.
Requirements
As a Medior Privacy & Information Security Specialist, you are analytical, structured, and an excellent communicator. You can switch between strategic and operational topics and make complex matters understandable. You have several years of experience in information security and/or privacy and want to deepen your expertise in a dynamic, innovative environment.
- Experience: At least 5 years of relevant work experience;
- Ownership: You take responsibility, work independently, and are results-driven;
- Expertise: Experience with information security and privacy frameworks (such as ISO 27001, NIST, and GDPR) and knowledge of software development;
- Certifications: Preferably, you hold relevant certifications such as CISM, CISSP, ISO 27001 Lead Implementer, or CIPP/E (or are willing to obtain them);
- Risk-based mindset: Able to assess risks and translate them into concrete controls;
- Communication skills: Capable of building buy-in and conveying advice clearly;
- Team player: You enjoy collaborating and actively share knowledge with colleagues;
- Language skills: Excellent command of Dutch and English, both spoken and written.