Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead and oversee information security strategies and compliance in a dynamic financial environment.
- Company: Join a leading financial services firm committed to cybersecurity excellence.
- Benefits: Attractive salary, comprehensive benefits, and opportunities for professional growth.
- Other info: Collaborative culture focused on innovation and continuous improvement.
- Why this job: Make a significant impact on security governance and protect vital information assets.
- Qualifications: 8+ years in ICT risk or cybersecurity with strong regulatory engagement experience.
The predicted salary is between 80000 - 100000 £ per year.
What you will be doing:
- Governance & Strategy: Develop, maintain, and oversee the Information Security and ICT Risk Management Frameworks in line with DORA, ISO 27001, NIST, and other applicable standards. Establish, maintain, and enforce security policies, standards, and procedures. Provide independent second-line challenge to first-line controls and risk management activities. Report on security posture to the Board and leadership team.
- Regulatory Compliance & Engagement: Ensure full compliance with DORA (ICT risk management, incident reporting, resilience testing, third-party risk), PSD2-SCA, PCI-DSS, SWIFT CSP, GDPR (as it relates to ICT), and EBA guidelines. Act as the primary liaison for DNB, EBA, and other regulators; manage regulatory inquiries, audits, inspections, and reporting obligations.
- Incident & Access Management: Own and manage end-to-end response to security incidents and data breaches, including coordination, escalation, investigation, containment, and regulatory reporting in line with DORA and GDPR. Oversee access control governance, including user provisioning, privileged access, and periodic access reviews. Manage KMS and (CBD) security practices in accordance with internal policies and regulatory expectations.
- Third-Party & Outsourced Security Oversight: Maintain ownership of all outsourced security activities (e.g., SOC, penetration testing providers), ensuring service quality, SLA adherence, and alignment with security and compliance requirements. Manage the ICT third-party risk lifecycle, including due diligence, ongoing monitoring, and maintenance of the DORA register of critical ICT third-party providers.
- Risk, Resilience & Assurance: Identify, assess, prioritise, and report ICT and cyber risks; define key risk indicators and present risk posture to the Board and Risk Committees. Oversee digital operational resilience testing (including threat-led penetration testing) and disaster recovery from an ICT perspective. Monitor the governance and technical effectiveness of cybersecurity controls (SIEM, EDR, DLP, IAM, vulnerability management, and data security) and track remediation of audit and assessment findings.
- Culture, Collaboration & Stakeholder Engagement: Deliver security awareness programmes and foster a security-conscious culture. Advise the local entity Board, senior management, and technology teams on risk posture, outsourcing, and major technology changes. Collaborate with and provide subject-matter expertise to the EMEA Information Security team on regional projects and BAU activities.
What we are looking for:
- 8+ years' experience in ICT risk, cybersecurity governance, or audit within financial services.
- Proven experience implementing DORA and engaging with DNB or comparable EU regulators.
- Strong technical foundation in cloud security, IT infrastructure, application security, and cyber threats.
- Strong knowledge of cloud security controls, SIEM, EDR, DLP, IAM, and security architecture.
- Awareness of AI security risks and controls.
- Experience in incident response and third-party security management.
- Ability to influence stakeholders, present to Boards and regulators, and operate independently in a second-line role.
- Fluent in English and Dutch.
- Demonstrated ability to lead complex security compliance, incident response, and security initiatives in regulated environments.
Head of Information Security, Netherlands in London employer: Ants
Contact Detail:
Ants Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Head of Information Security, Netherlands in London
✨Network Like a Pro
Get out there and connect with people in the industry! Attend events, webinars, or even local meetups. The more you engage with others, the better your chances of hearing about job openings that might not even be advertised.
✨Show Off Your Skills
When you get the chance to chat with potential employers, don’t hold back! Share your experiences and how you've tackled challenges in ICT risk and cybersecurity. We want to see your passion and expertise shine through!
✨Tailor Your Approach
Every company is different, so make sure you tailor your conversations to align with their values and needs. Research their current projects and challenges, and come prepared with ideas on how you can help them succeed.
✨Apply Through Our Website
Don’t forget to check out our website for the latest job openings! Applying directly through us not only shows your interest but also gives you a better chance of being noticed by our hiring team.
We think you need these skills to ace Head of Information Security, Netherlands in London
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the specific skills and experiences mentioned in the job description. Highlight your expertise in ICT risk, cybersecurity governance, and any relevant regulatory compliance experience to catch our eye!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for the Head of Information Security role. Share your passion for security and how your background aligns with our needs at StudySmarter.
Showcase Your Achievements: Don’t just list your responsibilities; showcase your achievements! Use quantifiable results to demonstrate how you've successfully managed security incidents or improved compliance in previous roles. We love seeing real impact!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, it shows us you’re genuinely interested in joining the StudySmarter team!
How to prepare for a job interview at Ants
✨Know Your Frameworks
Make sure you’re well-versed in DORA, ISO 27001, and NIST. Brush up on how these frameworks apply to the role and be ready to discuss your experience with them. This shows you’re not just familiar but can also implement and oversee these standards effectively.
✨Showcase Your Regulatory Experience
Prepare specific examples of your past interactions with regulators like DNB or EBA. Highlight any audits or compliance initiatives you've led. This will demonstrate your ability to manage regulatory inquiries and ensure compliance, which is crucial for this position.
✨Incident Management Insights
Be ready to talk about your approach to incident response and data breaches. Share a detailed example of a security incident you managed, focusing on your coordination and investigation skills. This will illustrate your hands-on experience and strategic thinking in high-pressure situations.
✨Engage with Stakeholders
Think about how you’ve influenced stakeholders in previous roles. Prepare to discuss how you’ve communicated risk posture to Boards or senior management. This will show your ability to engage and collaborate effectively, which is key for fostering a security-conscious culture.