Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead and oversee information security strategies and frameworks for a global tech company.
- Company: Ant International, a leader in digital payment and financial services innovation.
- Benefits: Competitive salary, flexible working options, and opportunities for professional growth.
- Other info: Join a dynamic team focused on responsible innovation and market accessibility.
- Why this job: Make a significant impact on global commerce through innovative security solutions.
- Qualifications: 8+ years in ICT risk or cybersecurity, with strong regulatory compliance experience.
The predicted salary is between 80000 - 100000 £ per year.
About Us
Ant International powers the future of global commerce with digital innovation for everyone and every business to thrive. In close collaboration with partners, we support merchants of all sizes worldwide to realise their growth aspirations through a comprehensive range of tech-driven digital payment and financial services solutions.
Description
With a focus on Travel, Trade, Technology, and Talent, Ant International is committed to enhancing the digital mindset and capacities of businesses worldwide. Through fostering collaborative efforts with partners, we are driving responsible innovation and increasing market accessibility for global SMEs. We do so across our 4 key businesses: Alipay+, Antom, WorldFirst and ANEXT Bank.
What You Will Be Doing
- Governance & Strategy
- Develop, maintain, and oversee the Information Security and ICT Risk Management Frameworks in line with DORA, ISO 27001, NIST, and other applicable standards.
- Establish, maintain, and enforce security policies, standards, and procedures.
- Provide independent second-line challenge to first-line controls and risk management activities.
- Report on security posture to the Board and leadership team.
- Regulatory Compliance & Engagement
- Ensure full compliance with DORA (ICT risk management, incident reporting, resilience testing, third-party risk), PSD2-SCA, PCI-DSS, SWIFT CSP, GDPR (as it relates to ICT), and EBA guidelines.
- Act as the primary liaison for DNB, EBA, and other regulators; manage regulatory inquiries, audits, inspections, and reporting obligations.
- Incident & Access Management
- Own and manage end-to-end response to security incidents and data breaches, including coordination, escalation, investigation, containment, and regulatory reporting in line with DORA and GDPR.
- Oversee access control governance, including user provisioning, privileged access, and periodic access reviews.
- Manage KMS and (CBD) security practices in accordance with internal policies and regulatory expectations.
- Third-Party & Outsourced Security Oversight
- Maintain ownership of all outsourced security activities (e.g., SOC, penetration testing providers), ensuring service quality, SLA adherence, and alignment with security and compliance requirements.
- Manage the ICT third-party risk lifecycle, including due diligence, ongoing monitoring, and maintenance of the DORA register of critical ICT third-party providers.
- Risk, Resilience & Assurance
- Identify, assess, prioritise, and report ICT and cyber risks; define key risk indicators and present risk posture to the Board and Risk Committees.
- Oversee digital operational resilience testing (including threat-led penetration testing) and disaster recovery from an ICT perspective.
- Monitor the governance and technical effectiveness of cybersecurity controls (SIEM, EDR, DLP, IAM, vulnerability management, and data security) and track remediation of audit and assessment findings.
- Culture, Collaboration & Stakeholder Engagement
- Deliver security awareness programmes and foster a security-conscious culture.
- Advise the local entity Board, senior management, and technology teams on risk posture, outsourcing, and major technology changes.
- Collaborate with and provide subject-matter expertise to the EMEA Information Security team on regional projects and BAU activities.
What We Are Looking For
- 8+ years’ experience in ICT risk, cybersecurity governance, or audit within financial services.
- Proven experience implementing DORA and engaging with DNB or comparable EU regulators.
- Strong technical foundation in cloud security, IT infrastructure, application security, and cyber threats.
- Strong knowledge of cloud security controls, SIEM, EDR, DLP, IAM, and security architecture.
- Awareness of AI security risks and controls.
- Experience in incident response and third-party security management.
- Ability to influence stakeholders, present to Boards and regulators, and operate independently in a second-line role.
- Fluent in English and Dutch.
- Demonstrated ability to lead complex security compliance, incident response, and security initiatives in regulated environments.
Head of Information Security, Netherlands employer: WorldFirst
Contact Detail:
WorldFirst Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Head of Information Security, Netherlands
✨Tip Number 1
Network like a pro! Get out there and connect with people in the industry. Attend events, join online forums, and don’t be shy to reach out on LinkedIn. You never know who might have the inside scoop on job openings!
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their products and services, especially in the realm of digital payments and financial services. This will help you tailor your answers and show that you’re genuinely interested in what they do.
✨Tip Number 3
Practice makes perfect! Conduct mock interviews with friends or use online platforms. Focus on articulating your experience in ICT risk and cybersecurity governance clearly, as this is crucial for the role you're aiming for.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who take the initiative to engage directly with us.
We think you need these skills to ace Head of Information Security, Netherlands
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Head of Information Security role. Highlight your experience in ICT risk and cybersecurity governance, especially any work with DORA or EU regulators. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how your background makes you a perfect fit for our team. Don’t forget to mention your experience with cloud security and incident response.
Showcase Your Achievements: When detailing your experience, focus on specific achievements rather than just duties. Did you lead a successful incident response? Did you implement a new security policy that improved compliance? We love numbers and results!
Apply Through Our Website: We encourage you to apply through our website for the best chance of getting noticed. It’s super easy, and you’ll be able to keep track of your application status. Plus, we love seeing applications come directly from our site!
How to prepare for a job interview at WorldFirst
✨Know Your Frameworks
Make sure you’re well-versed in DORA, ISO 27001, and NIST standards. Brush up on how these frameworks apply to the role and be ready to discuss your experience with them. This shows you’re not just familiar but can actively contribute to governance and strategy.
✨Showcase Your Incident Management Skills
Prepare specific examples of how you've handled security incidents in the past. Talk about your approach to coordination, escalation, and regulatory reporting. This will demonstrate your capability in managing end-to-end responses effectively.
✨Engage with Regulatory Knowledge
Familiarise yourself with the compliance landscape, especially around DNB and EBA guidelines. Be prepared to discuss how you’ve navigated regulatory inquiries or audits before. This will highlight your ability to act as a liaison and manage compliance effectively.
✨Demonstrate Stakeholder Engagement
Think of instances where you’ve influenced stakeholders or presented to boards. Highlight your communication skills and how you’ve fostered a security-conscious culture within teams. This is crucial for showing you can collaborate and advise effectively.