Compliance Officer

The eScience Center is looking for a Policy and Compliance Officer (0,6-0,7 FTE).

The Netherlands eScience Center is expanding its expertise and is seeking an organized Policy & Compliance Officer to professionalize our governance, privacy, and information security frameworks. In this role, you will play a vital part in ensuring our operations securely and effectively support innovative research across all disciplines.

We are looking for a proactive colleague who combines analytical thinking with a hands-on approach, communicates effectively with diverse stakeholders, and thrives on bringing structure to an evolving organization.

Who are we?

The Netherlands eScience Center is the national centre for innovative software solutions in academic research. We aim to bridge the gap between digital technologies and scientific and academic research. We develop tools and digital methodologies that enable researchers from all disciplines to answer research questions, leveraging our unique combination of academic expertise and software development skills. We place great value on software quality and sustainability, as well as on the academic recognition of research software.

We stand for a research-driven, professional, collaborative, open, and inventive way of working. We expect our employees to align with these core values of the eScience Center. Our staff come from diverse educational, gender, and national backgrounds. We operate at the intersection of digital technology and academic research, with projects ranging from machine learning for climate science to GPU technology for high-energy physics and linked data for digital humanities.

What will you do?

As a Policy & Compliance Officer, you are the key driver in building and professionalizing our organization in the areas of information security, privacy, and governance. Within our organization (approx. 75 employees), this role is intentionally broad. You will combine strategic thinking with a hands-on approach, with the freedom to develop frameworks and implement them yourself.

You will work on establishing structures and processes around areas such as NIS2 compliance, ISO/NEN 27001/27002, GDPR, and archive and information management.

Information Security (CISO role)

• Develop and implement information security policies
• Set up and maintain an ISMS (Information Security Management System)
• Prepare and guide ISO/NEN 27001 certification
• Conduct threat, risk analyses and translate to measures
• Conduct awareness programs
• Classify and assess suppliers
• Report incidents and provide status updates in accordance with NIS2 requirements

Privacy & GDPR

• Act as Privacy Officer (operational) and primary contact for the Data Protection Officer (externally appointed)
• Conduct DPIAs and advise on privacy-related matters

AI Governance & EU AI Act

• Establish and maintain an AI governance framework in line with the EU AI Act
• Identify and classify AI systems according to risk categories (e.g., high-risk, limited risk)
• Ensure compliance with requirements for high-risk AI systems (e.g., risk management, transparency, human oversight)
• Implement processes for AI system documentation, monitoring, and logging
• Coordinate conformity assessments and maintain technical documentation
• Advise stakeholders on responsible and ethical AI use, including bias and fairness considerations
• Align AI governance with existing ISMS and GDPR frameworks
• Act as internal point of coordination for AI compliance and regulatory developments

Archive & Information Management

• Structure and improve document and archive management
• Ensure compliance with relevant laws and regulations
• Set up lifecycle management of information

Governance & Compliance

• Develop and implement policies, procedures, and guidelines aligned with relevant regulations and legislative frameworks
• Perform internal controls and audits
• Monitor and manage the review of documentation. Report to management on risks and progress

Who are you?

You are analytical, solution-oriented, and enjoy translating complex regulatory frameworks into pragmatic, workable solutions for a dynamic research environment. You are proactive and independent, with a natural ability to bring structure to an evolving organization. As a collaborative communicator, you connect easily with both technical experts and non-technical stakeholders, bringing flexibility and a strong sense of ownership to your work.

Your profile

• HBO/WO level of thinking and working
• Approximately 5–10 years of experience in: information security, compliance, risk, or IT
• Experience with (or knowledge of): ISO/NEN 27001/27002, GDPR, risk management
• Dutch language proficiency at B1 level or higher is required for this role, due to the need to work with Dutch-language policies, regulations, documentation, and stakeholders

Preferred qualifications

• Experience with implementation projects (e.g., ISO 27001, NIS2)
• Certifications such as CISSP, CISM, ISO 27001 Lead Implementer/Auditor
• Affinity with an academic setting
• Affinity with archiving/information management

Competencies

• Hands-on and pragmatic
• Self-organizing, independent and proactive
• Strong communication skills (with both technical and non-technical stakeholders)
• Able to bring structure to an organization moving toward the next level of maturity
• Analytical and solution-oriented

What we can offer you:

• Work at the forefront of cutting-edge international software enhanced research.
• Be part of a team of intelligent, collaborative and ambitious people with a passion for academic research.
• Extensive opportunity to further develop your professional and personal capacities.
• Salary scale 12, based on our Collective Labour Agreement (WVOI Cao-OI), depending on qualifications and expertise. It is a part-time appointment for 24-28 hours/week.
• Excellent secondary benefits: the possibility to work hybrid at the office and remote, travel and communication allowance, holiday allowance (8%), 42 holidays on a fulltime basis, a year-end bonus (8,33%), personal development budget, fitness plan, bicycle plan and flexible work from home options and facilities. Pension scheme via ABP.
• An informal and creative working environment.
• The opportunity to creatively help shape the future of the eScience Center.
• Room for initiative and ideas.

Want to join us?

Your application must contain a CV and a letter of motivation. The closing date to apply is 27 June 2026. A statement of good conduct (Verklaring Omtrent Gedrag - VOG) and reference check will be part of the procedure.

This vacancy is intended for candidates who are already living and working in the Netherlands. We are not offering international relocation support or visa sponsorship for this position.

For more information about job opportunities at the eScience Center or about the hiring process, send an e-mail to [email protected].

In the context of handling the job application procedure, the Netherlands eScience Center processes your personal data. Please find more information about this in our privacy policy.