Job Description & Summary
Do you want to shape how PwC Netherlands protects its people, clients, and data in a rapidly changing regulatory landscape? Are you ready to take ownership of security governance, risk, and compliance across one of the country's leading professional services firms?
In this role you'll lead the CISO office's work on internal control, audit readiness, and the implementation of frameworks like ISO 27001, SOC 2, NIS2, and DORA. You'll also help shape PwC NL's approach to AI governance and drive our annual security risk assessment. It's a visible role with direct impact on how we manage security risk across the member firm.
This is what you'll do
You'll join the CISO office, a team of informal and ambitious professionals who work closely together on meaningful, firm-wide security topics. You'll act as a subject matter lead on internal security, risk, and control initiatives, translating global policy into practical standards and ways of working for PwC NL. You'll work hands-on with auditors, business stakeholders, and technology teams to embed security into our day-to-day operations, while also driving forward strategic programs around resilience, regulatory readiness, and AI governance. You'll report regularly to senior stakeholders on control status, audit findings, regulatory readiness, and risk themes.
Lead the CISO office's work on the internal PwC control framework and act as SME for internal audit, including preparation, evidence testing, remediation tracking, and control maturity improvement.
Drive the implementation, upkeep, and continuous improvement of ISO 27001, SOC 2, NIS2, and DORA, and manage the CISO office pillar of PwC NL's internal IT Unified Control Framework.
Lead the global and local annual security risk assessment and manage PwC NL's security awareness campaigns.
Implement and maintain the firm's approach to AI governance and risk management, including policy development, risk assessment, control definition, and oversight of responsible use.
Partner with internal committees and lines of service to ensure security, risk, and control requirements are understood, workable, and embedded across the business.
You recognize yourself in this
You're a proactive professional who combines a structured, consultative approach with a hands-on delivery mindset. You communicate practively and clearly with both technical teams and business stakeholders, and you know when to set firm guardrails and when flexibility is the smarter choice.
5+ years of professional experience in information security, IT governance, compliance, risk management, and internal control.
Hands-on experience implementing and maintaining ISO 27001, SOC 2, and NIS2 (not only advising on them); security project management experience is a strong plus.
Solid understanding of internal audit processes, control testing, issue remediation, and how to build evidence that meets regulator and auditor standards.
Knowledge of AI governance, AI risk, and emerging technology controls, plus previous hands-on IT or cybersecurity experience as a strong advantage.
Previous hands-on IT, or cybersecurity experience during your early career stages is a strong advantage.
Fluent in Dutch at a professional level.
What we offer
With us you get the chance to be yourself, bring out the best in yourself in a high-performance organization, and grow within our global network. We offer you, among other things:
A competitive salary in line with your experience, an annual bonus (depending on results and personal development), and the opportunity to grow further in your career;
A permanent contract from day one and a motivating work environment where collaboration with ambitious colleagues and recognition of your contributions are central;
A wide range of tailor-made training programs focused on professional growth and leadership development;
The option to use various mobility providers (OV) via one convenient app;
32 vacation days and the option to purchase additional leave;
At PwC, your well-being is our priority. That's why we offer a personal well-being budget to support your physical and mental health, as well as access to the well-being platform OpenUp;
The opportunity to work on challenging and meaningful client engagements, use leading technology including AI tools, learn from the best, and be supported through coaching. Together we work as an inclusive team to make real impact;
The flexibility of hybrid working, including a fully equipped home office and a monthly net expense allowance for internet and other costs;
Curious about everything else we have to offer? Discover all our benefits and ex
tras on our website.
Getting started at PwC
Are you interested in this vacancy? Let us know what motivates you and submit your details.
After your application:
You'll receive an immediate confirmation in your inbox;
If your qualifications match our profile, we'll contact you within two weeks for a short introductory conversation;
If everyone is enthusiastic, we'll schedule an short call. Depending on the outcome, you'll receive an invitation for a first interview.
Would you like more information about the role at PwC? Peter de Vries is happy to talk with you by email.
Peter de Vries – Lead Recruiter
#LI-PD1
Based on 1,615 disclosed Security salaries on RoleSuite, the role pays a median of $142K/year, with most offers between $114K and $180K (10th–90th percentile: $92K–$215K).
See the full Security salary breakdown →