We are an equal opportunities employer and place where everyone is welcome. We strongly encourage people from minority backgrounds, LGBTQIA+, parents, and individuals with disabilities to apply. If you need reasonable adjustments at any point in the application or interview process, please let us know.

In your application, please feel free to note which pronouns you use (For example - she/her/hers, he/him/his, they/them/theirs, etc).

We’re one of the world’s largest privately owned real estate tech companies and a subsidiary of Axel Springer. Our mission is to unlock everyone’s perfect place! Some of Europe’s best known digital real estate marketplaces and brands form part of our Group, they are: Meilleurs Agents, Groupe SeLoger, Immoweb, Immowelt, Housell and Yad2.

We also invest in innovative business models which shape the future of how people buy, sell, rent or lend properties and hold minority participations in companies such as: PurpleBricks, Homeday, Zumper and Parcel.

Our ambition is to be the leading Employer in PropTech across Europe and this is a pivotal time to join us as we embark on this journey enabling us to help unlock everyone’s perfect place!

THIS ROLE IS BASED IN OUR AVIV SECURITY TEAM

An exciting time to join this newly created function. This role reports directly to the Head of GRC, and the Security Officer will contribute to the implementation of the Information Security Governance, Risk and Compliance function.

The Security Officer will write and publish information security policies, standards and controls. He/She/They will participate in GRC projects, develop project plans and timelines and coordination of project resources.

WE ARE LOOKING FOR AN INDIVIDUAL WHO CAN :

Policies

• Contribute to the development and improvement of the security policies, guidelines and best practices; help with their implementation and evaluation of problem situations.
• Monitoring and reporting on the adherence to the established policy, guidelines and related measures.

RISK

• Identifying, assessing, prioritising and dealing with risks in the field of information security and advising on the implementation of appropriate and effective controls.

Training

• Build awareness by training the company on cyber security topics and promote a culture of security throughout the company.

Incident response

• Coordinate and develop investigative, mitigation and remediation actions to identified events and incidents within the company both internal and external.

Auditing, Monitoring & testing

• Research, evaluate, design, test, recommend, and implement new network security tools such as WAF, IDS/IPS, SIEM, and anti-DDoS tools.
• Report common and repeat problems to management and propose process and technical improvements.Web Application Firewall management and improvement
• Contribute to the business continuity management and provide an annual exercise in which an (IT) incident is simulated.

Work with others

• Work in close collaboration with the IT team to ensure consistency of IT architecture and cyber security protection layers including cloud infrastructure and software best practices.
• Work closely together with the company DPO (Data Protection Officer) & CISO.

Knowledge

• Review and advise on new technologies to make sure they are set up securely.
• Keep an eye on the evolution of cyber security landscape.

Documentation

• Maintain information in the security management system (procedures, registers, instructions, etc), Document processes, Implement and follow KPI’s for control.
• Ensure we're compliant with legal and contractual security obligations.

AN INDIVIDUAL WHO HAS :

• Good knowledge of security management techniques and or frameworks (e.g. ISO 270001, NIST 800, CIS)
• Excellent knowledge and experience with cybersecurity incident response processes.
• Strong practical experience with security technology for cloud environments (preferably AWS).
• Good knowledge of principles, policy and procedures governing cybersecurity, along with best practices and industry standards;
• Experience with network essentials, with good understanding of concepts such as OSI model and networking (TCP/IP, DNS, HTTP, SSL/TLS)
• A hands-on experience in security-related technologies, e.g. firewalls, WAFs, IDS/IPS systems, anti-virus software etc.
• Knowledge of existing network infrastructure & amp; multi service provider architecture.
• Good understanding Data Privacy and GDPR.
• Experience with investigation techniques, training and risk analyses,
  preferably in an operational environment.
• Good communication and interpersonal skills and maintain a good
  relationship with other stakeholders, are willing to work with teams and are
  autonomous.

It would be a plus if you have :

• Experience with application security testing.
• Experience in (web) development.
• Cyber Security related certifications (such as AWS Security Specialist certification, CISSP, CISM, CISA, ISO Lead Auditor etc.).
• 5 to 10 years of relevant work experience in a similar position (security governance, network/cyber security, security operations etc).
• 3-5 years relevant experience in a cloud-based environment, preferably on AWS.

The candidate must be fluent in English (French or Dutch are a plus).

WHAT WE OFFER YOU :

• We are one of the leading PropTech platforms in Europe. If you’ve ever rented or purchased a property then you may have used one of our classified portals. This is a great time to join us to help elevate our AVIV brand.
• A high visibility role in our organisation reporting into our Head of GRC.
• The opportunity to work hybrid within our operating footprint with international travel to our locations in France, Belgium and Germany.
• The autonomy to work in a style which suits you to be the most productive
• The freedom to tell us which tools you need to be successful in your job so we can set you up to make it happen.