InformationSecurityOfficer(ISO)

📍 Eindhoven (Hybrid - 3 days/week onsite) | Full-time This is what you tell people at parties 👋 “At Sendcloud, we build Europe’s leading shipping automation platform - helping over 25,000 e-commerce businesses grow. I help make sure we can scale fast and safely: keeping our ISO 27001 security program strong, turning security risks into clear decisions, and working with Engineering, Platform, IT, Legal/Privacy and Support to protect our customers, our people, and our business. Security here is a business enabler - not a checkbox.” What you will do in this role 🧐 We’re looking for an Information Security Officer who can combine pragmatic governance with hands-on program leadership. You’ll own our information security program and help ensure our ISO 27001 ISMS stays healthy and audit-ready - while driving real security improvements across the company. This is a role for someone who enjoys building clarity, influencing stakeholders, and making sure important work actually gets done. You’ll be involved in: Owning our ISO 27001 ISMS (and keeping it always-on) → internal audits, evidence, management reviews, corrective actions, and external audit readiness Running security risk management that leads to decisions → maintaining a living risk register, driving mitigations with owners and timelines, and enabling explicit risk acceptance when needed Driving security governance that teams can actually use → practical policies and standards for access, data handling, vendor risk, and incident response Leading security incident governance → classification, escalation, post-incident learning loops, and preventing repeats (in partnership with Platform/Engineering/Support) Managing third-party and vendor security risk → risk tiering, due diligence, and working with Legal on security requirements and ongoing assurance Enabling safe use of AI and agentic workflows → clear guardrails for AI tooling and automation so we can adopt AI safely without slowing teams down (including visibil