Skip to content

    Security & Privacy Officer

    Job description

    Security & Privacy Officer

    Our Team

    We advocate for travel's positive impact on the world, guided by a vibrant culture rooted in established company values. We empower our people to innovate and grow.

     

    Our differences give us growth. Our diverse workforce originates from more than 50 countries, bringing together a depth of perspective and curiosity about the world. We encourage a culture of openness, curiosity, and flexibility—vital to deepening a shared understanding of our customers and each other.

     

    We have a flexible hybrid model, working from our Utrecht HQ and our homes in the Netherlands.

     

    Just as travel is about discovery, we're searching for the right people to join our team. Are you ready to inspire the world through travel?

    What you’ll be doing

    You’ll be joining the Security and Privacy team responsible for implementing the IT security and privacy strategy, managing IT risk and ensuring compliance with regulatory and organizational IT policies. You will work closely with product and technical teams as well as management to identify, assess, and mitigate IT risks, while supporting the development and implementation of security and privacy initiatives, reporting to the Security and Privacy Manager.

     

    You’ll be involved in:

    • Implement IT Strategy for Security and Privacy, taking ownership of program initiatives to ensure continuous improvement of Eurail’s IT risk and control landscape based on industry and security best practices and standards (ISO, ITIL, NIST) and regulatory compliance requirements (GDPR, AI, CRA etc.).

    • Collaborate across teams and management to bridge governance and technical domains, to build understanding and manage IT risks

    • Lead IT risk assessments on tooling, systems, and product development to ensure security and data protection requirements are met in an agile environment.

    • Plan, manage, and coordinate our security testing program, vulnerability management program, and advise on security incident response.

    • Act as a trusted advisor on privacy compliance and data protection, providing expert guidance on regulatory requirements and best practices to ensure compliance across the organisation.

    • Assist in the preparation and performance of IT audits, and work with relevant teams to address and resolve IT audit findings.

    • Promote a culture of security and data protection awareness across the organization by supporting and providing training and awareness communication.

     

    What we’re looking for

    It's already a possible match when you share the same mindset as us, being forward-thinking, results-driven, caring and embracing diversity.

    In terms of your experience and skills:

    • 4+ years’ experience in IT assurance, compliance, risk management, or internal control.

    • IT degree in information systems, cyber-security or a comparable/ related discipline.

    • Relevant certifications such as CISM, CIPP/E, CIPM, CIPT, CISA, CISSP, ISO27001, CEH etc.

    • Demonstrable experience with security and risk frameworks such as ISO27001, ISO27701, NIST, COBIT.

    • Knowledge of cloud-based controls (AWS specific is beneficial), secure development principles and common application vulnerabilities

    • Effective communication skills are very important

    • Business level proficiency in English.

    • Analytical and problem-solving mindset

    • Proactive and independent work style

     

    In addition, it’s extra credit if you have…

    • Knowledge of the SAFe framework

    • A love of sustainable travel! 

     

    Our offer

    • Our hybrid work model offers flexibility in when and where you work. Whether you need collaboration, quiet time, or social interaction—online or in-person—it's all possible, but some office days per week are required.

    • A complimentary NS train card to travel across the Netherlands for work and leisure.

    • An annual free Interrail/Eurail travel pass for you and a companion, so you can explore Europe and share the same experiences as our customers.

    • Unlimited access to OpenUp for lifestyle & well-being recommendations.

    • Support for your well-being through a generous personal allowance.

    • The freedom to develop your personal and professional growth plan using your training budget.

    • An annual team trip across Europe to experience our product first-hand.

    • An annual leave package of 28-30 days, plus study days, culture day, volunteer days, and Good Friday.

    • Salary Scale: 59, Monthly gross salary (excluding 8% allowance): €4500 - 6000 (full-time) based on experience.

    Curious to apply?

    Apply directly via our website (https://jobs.eurail.com/en/vacancies).

     

    • We'll ask you to share your resume in English (our business language) and tell us why you're interested in Eurail and this particular role. It doesn't hurt to be creative; we enjoy seeing your personality shine through.

    • As part of the process, we may also ask you to complete a short assessment to showcase your skills.

     

    If we consider you a good candidate, the next step is a relatively informal interview with some of your potential new team members. For you, this is a chance to understand if Eurail is your ideal workplace, and for us, it tells us more about the value you would bring.

     

    In the meantime…

    If you’re curious, why not check us out on LinkedIn and get a feel for our culture, values, and place worldwide? And we’re eager to answer any questions you might have too… send them over to jobs@eurail.com and our People & Culture team will pick them up.

    Hybrid

    or