Senior Information Security Engineer
- Recruiter
- The RIPE NCC
- Location
- Amsterdam, Netherlands
- Salary
- EUR 70.00 - 90.00 per hour
- Posted
- 01 Feb 2025
- Closes
- 03 Mar 2025
- Ref
- -8504900761770040286
- Job Type
- Information Security
- Employer Sector
- Technology, IT & Telecoms
- Contract Type
- Permanent
- Hours
- Full Time
Salary: up to EUR 85,000 plus excellent secondary benefits (see below)
Hybrid: From home and our office at Amsterdam Central Station
Location: Netherlands-based
Work Hours: 37.5 hours per week, full-time basis
We are seeking an experienced Information Security Engineer who is passionate about supporting the well-being of the Internet. In this role, you'll have the opportunity to work with advanced technologies, contributing to projects that support the technical core of the Internet.
As a Senior Information Security Engineer, you will play a crucial role in securing the RIPE NCC's services and data, responding to security incidents, and enhancing our cloud security controls. You will work closely with system, network, and software engineers across the company, supporting the Chief Information Security Officer and our team of Information Security Engineers.
What you will be doing:
What we're looking for:
We would also appreciate:
What you can expect from us:
The Information Security department
We're a team of Information Security engineers and practitioners who care deeply about the good of the Internet. We like to find security issues and fix them, automate as much as we can, do threat hunting, respond to incidents, and have fun along the way. We're active in the RIPE and CSIRT communities, attending their events, sharing our knowledge, and learning from our peers.
About the RIPE NCC
The RIPE NCC is a not-for-profit organisation founded on the belief that the Internet should be governed openly, transparently and together with the wider Internet community. We are one of the oldest Internet organisations in Europe and are proud of our legacy.
Our strength is our staff. We bring together more than 180 people from over 40 countries in our modern, vibrant office in the east wing of Amsterdam Central Station. Currently, we have a hybrid way of working and allow our staff to work from their homes and the office. Our official working language is English, but our colleagues speak more than 30 languages.
Our backgrounds are diverse, but our goal is the same: we work for the good of the Internet. Will you join us?
How to apply
If interested, please click the 'Apply' button and submit your CV and cover letter in English. Not ready to apply yet? Then send an email to , and we can have an informal chat.
At the RIPE NCC, we are proud to serve our members and the RIPE community in 76 countries across Europe, the Middle East and Central Asia. We celebrate unique perspectives and talents from different backgrounds and cultures. So if you're passionate about what you do and want to help shape the future of the Internet, apply now - we'd love to hear your story.
Please note that due to the nature of our activities, we will require successful candidates to follow a pre-employment screening (conducted by our partner Validata). This involves requesting a criminal record and education certificates.
MEET THE TEAM:
What's it like working in information security at the RIPE NCC? We sat down with Bryce Verdier, who has been a Specialist Information Security Officer with us for one year. Here's what he had to say.
What do you like the most about working at the RIPE NCC?Every day comes with new challenges. And while that is normal for a lot of Information Security roles in the world, it is especially true at the RIPE NCC. Also, working for an organisation that helps maintain the Internet provides meaning to the work. Not everyone gets to say that they help protect "the Internet".Which are the current challenges of your team? The Information Security team, much like the broader cyber/information security industry, is entering a new stage of maturity. We are focused on making our processes more repeatable and automatable. At the same time, we need to engage more with internal and external stakeholders. Therefore, being a strong communicator, not just a skilled engineer, is essential to achieving the group's goals.How would you describe the atmosphere in your team? We are a small team that has a very important role within the organisation. We do our best to be both efficient and effective with the work that we do. Because of this, we try to take care of one another and make sure that there is the space to take care of ourselves.
Hybrid: From home and our office at Amsterdam Central Station
Location: Netherlands-based
Work Hours: 37.5 hours per week, full-time basis
We are seeking an experienced Information Security Engineer who is passionate about supporting the well-being of the Internet. In this role, you'll have the opportunity to work with advanced technologies, contributing to projects that support the technical core of the Internet.
As a Senior Information Security Engineer, you will play a crucial role in securing the RIPE NCC's services and data, responding to security incidents, and enhancing our cloud security controls. You will work closely with system, network, and software engineers across the company, supporting the Chief Information Security Officer and our team of Information Security Engineers.
What you will be doing:
- Security Infrastructure: Develop and manage information security infrastructure, including network intrusion detection systems (NIDS), security information and event management (SIEM), endpoint detection and response (EDR) and vulnerability scanning tools.
- Linux Security: Implement and maintain best practices for securing Linux-based systems, including hardening, monitoring, and privileged access management.
- Cloud Security: Design, implement, and mature AWS cloud security controls (e.g., AWS WAF, GuardDuty, IAM, Security Hub) and provide general oversight for secure architectures in AWS.
- Incident Response: Lead and support in security incident processes to investigate and respond to security incidents across on-prem and cloud environments.
- Vulnerability Management: Identify, prioritise, and guide remediation of vulnerabilities, working closely with engineering teams.
- Threat Analysis: Stay updated with emerging security threats and trends.
- Collaboration: Collaborate with cross-functional teams to design and implement security technologies and advise on secure by design architecture tailored to organisational needs.
- Security Audits and Compliance: Assist in audits, ensure compliance with policies and standards (e.g., ISO 27001, SOC 2, GDPR), and recommend improvements where necessary.
What we're looking for:
- Bachelor's degree in IT, Information Security, or related field preferred (relevant experience is also acceptable) and, at least, five years of experience in information security roles.
- Expertise in securing hybrid environments, particularly Linux-based systems and AWS cloud services.
- Hands-on experience with automation, scripting, and security tools (e.g., Python, Bash, Terraform, Ansible).
- Experience in security incident investigations.
- Proficiency with security tools such as NIDS, SIEM, EDR, log aggregation, vulnerability scanning tools and Linux command-line tools.
- Ability to develop and implement automations, with a preference for Python programming experience.
- Familiarity with querying relational databases for security purposes, particularly large and complex datasets.
- Strong security mindset, ability to prioritize tasks, and manage workload. Also strong analytical, problem-solving, and innovative thinking skills.
- Effective stakeholder engagement and a hands-on approach to security.
- Proficiency in English (both written and spoken).
We would also appreciate:
- Security certifications such as CISSP, OSCP, AWS Certified Security, or GIAC.
- Experience with programming languages, CI/CD tooling, and infrastructure as code.
- Knowledge of security frameworks like ISO 27001, CIS Critical Security Controls and MITRE ATT&CK framework.
What you can expect from us:
- A flexible and informal work environment with an emphasis on healthy work/life balance. We are in the office on Mondays and Thursdays and work remotely the rest of the week.
- An annual salary between EUR 72,000 to EUR 85,000 (before tax). This includes the standard 8% annual "holiday pay".
- Excellent secondary benefits: 5% end-of-year allowance, annual budgets for health, transportation and technology purposes, non-contributory pension scheme, paid parental leave, top-tier health insurance coverage for you and your family and 33 vacation days (full-time 37.5 hours).
- A generous training budget each year that can be used for professional development.
- Organisation-wide internal training program designed to develop critical soft skills-like feedback, resilience, and leadership-giving you the tools to excel in your career and beyond.
- An in-house free barista providing healthy, varied lunches on Tuesdays and Wednesdays and nice breakfasts on Thursdays, plus regular office drinks.
- Delightful team events such as: Team outings, Christmas party and a summer BBQ.
The Information Security department
We're a team of Information Security engineers and practitioners who care deeply about the good of the Internet. We like to find security issues and fix them, automate as much as we can, do threat hunting, respond to incidents, and have fun along the way. We're active in the RIPE and CSIRT communities, attending their events, sharing our knowledge, and learning from our peers.
About the RIPE NCC
The RIPE NCC is a not-for-profit organisation founded on the belief that the Internet should be governed openly, transparently and together with the wider Internet community. We are one of the oldest Internet organisations in Europe and are proud of our legacy.
Our strength is our staff. We bring together more than 180 people from over 40 countries in our modern, vibrant office in the east wing of Amsterdam Central Station. Currently, we have a hybrid way of working and allow our staff to work from their homes and the office. Our official working language is English, but our colleagues speak more than 30 languages.
Our backgrounds are diverse, but our goal is the same: we work for the good of the Internet. Will you join us?
How to apply
If interested, please click the 'Apply' button and submit your CV and cover letter in English. Not ready to apply yet? Then send an email to , and we can have an informal chat.
At the RIPE NCC, we are proud to serve our members and the RIPE community in 76 countries across Europe, the Middle East and Central Asia. We celebrate unique perspectives and talents from different backgrounds and cultures. So if you're passionate about what you do and want to help shape the future of the Internet, apply now - we'd love to hear your story.
Please note that due to the nature of our activities, we will require successful candidates to follow a pre-employment screening (conducted by our partner Validata). This involves requesting a criminal record and education certificates.
MEET THE TEAM:
What's it like working in information security at the RIPE NCC? We sat down with Bryce Verdier, who has been a Specialist Information Security Officer with us for one year. Here's what he had to say.
What do you like the most about working at the RIPE NCC?Every day comes with new challenges. And while that is normal for a lot of Information Security roles in the world, it is especially true at the RIPE NCC. Also, working for an organisation that helps maintain the Internet provides meaning to the work. Not everyone gets to say that they help protect "the Internet".Which are the current challenges of your team? The Information Security team, much like the broader cyber/information security industry, is entering a new stage of maturity. We are focused on making our processes more repeatable and automatable. At the same time, we need to engage more with internal and external stakeholders. Therefore, being a strong communicator, not just a skilled engineer, is essential to achieving the group's goals.How would you describe the atmosphere in your team? We are a small team that has a very important role within the organisation. We do our best to be both efficient and effective with the work that we do. Because of this, we try to take care of one another and make sure that there is the space to take care of ourselves.