Technical Security Officer

You’ll be responsible for designing, implementing and continuously refining SIDN’s Continuous Threat & Exposure Management (CTEM) and Vulnerability Management frameworks.

  • Working week: 40 hours a week
  • Experience: At least 3 to 5 years' experience working in a similar role.
  • Education: Higher vocational working and reasoning ability.
  • Mindset: You translate security exposure intelligence into controllable risks, and you ensure that security is integral to design.
  • Salary: €4,040 - €5,800 based on a 40-hour week

How you'd explain your job at a party

I substantiate security risks and I help teams to tackle important vulnerabilities in a targeted way.

Your role

Your job will involve identifying, validating and prioritising security exposures, so that risks can be demonstrably and effectively reduced on the basis of business impact. You’ll act as our discipline expert and architectural advisor, and you’ll challenge our IT teams to systematically manage security risks.

Your role

Continuous Threat & Exposure Management (CTEM)

- Developing, implementing and maintaining the CTEM framework within SIDN;

- Coordinating the entire CTEM cycle:

  • Discover: investigation of attack surface and exposure;

  • Prioritise: risk-based prioritisation within the business context;

  • Validate: exposure validation, e.g. using Pentera;

  • Mobilise: coordination of mitigation measures with IT teams;

  • Monitor: continuous adjustment and refinement.

- Determining whether vulnerabilities are actually exploitable within the SIDN context.

Vulnerability Management

- Taking ultimate responsibility for the vulnerability management process:

  • Analysing scan results;

  • Interpreting findings;

  • Advising on mitigation measures.

- Prioritising vulnerabilities on the basis of:

  • Exploitability;

  • Attack routes;

  • Threat relevance;

  • Business impact.

- Monitoring progress and effectiveness of measures undertaken.

- Architecture and advice:

  • Advising on technical and architectural decisions and their implications for exposure and risk;

  • Helping IT teams to make secure design and implementation decisions;

  • Acting as a sparring partner for the CISO and the Security Services team.

- Collaboration and communication:

  • Actively liaising with IT teams and platform teams about risks and priorities;

  • Translating technical findings into understandable risk statements for management;

  • Preparing reports on exposure status and risk reduction.

- Automation and tooling:

  • Effective deployment and management of CTEM and exposure tooling (e.g. Pentera);

  • Initiating automation and scripting (e.g. PowerShell, Python, APIs) where they can improve effectiveness;

  • Continuous improvement of processes and working methods.

- Knowledge-sharing and mentoring:

  • Sharing knowledge and best practices within the Security Services team;

  • Contributing to the further professionalisation of security competences within SIDN.

- Powers:

  • Advising on architecture, design and mitigation decisions;

  • Initiating improvements in the field of exposure and vulnerabilities;

  • Identifying and escalating unacceptable risks to the CISO.

Your skills

Our core values of customer focus, trustworthiness, innovation, independence and professionalism strike a chord with you. And you want to keep learning and developing. If that sounds like you, you'll fit right in! Because we allow people to be themselves.

You'll also have:

  • Higher vocational working and reasoning ability;

  • At least 3 to 5 years' experience working in a similar role.

Discipline-specific

Thorough knowledge of:

  • Vulnerability Management;

  • Continuous Threat & Exposure Management.

Extensive basic technical knowledge of:

  • Network and infrastructure security;

  • IAM / PAM;

  • Cloud security;

  • Endpoint security;

  • Application security.

Knowledge of attack chains and exposure thinking.

Experience of exposure validation and security testing (e.g. Pentera).

Skills:

  • Strong analytical skills and risk-based working capability;

  • Ability to clearly communicate complex technical risks;

  • Architectural thinking ability;

  • Experience of scripting and automation is desirable.

Personal competences:

  • Challenger mindset in relation to IT (critical, constructive);

  • Persuasiveness and teamwork-focused mindset;

  • Pragmatism and result-focused mindset;

  • Coaching ability and openness to knowledge-sharing;

  • Independence combined with commitment to the organisation’s interests.

Result fields:

  • Accessible, validated overview of exposure and vulnerabilities;

  • Effective risk-based prioritisation of security measures;

  • Demonstrable reduction in exploitable risks;

  • Improved collaboration between Security and IT.

We are SIDN

The internet. The internet is the biggest and most successful global collaboration of all time. Once something new and spellbinding, it's now an integral part of everyday life for almost everyone in the Netherlands. As a result, many people take the internet for granted. But, for us, the wonder remains.

We are SIDN. We began as internet pioneers, and forged an identity as digital thinkers and doers, shaping the reality of today and tomorrow. We have a strong sense of shared responsibility for the internet in the Netherlands. A responsibility that we willingly accept. A responsibility that we work to fulfil, every hour of every day. We bring people together by operating a .nl domain that's secure and technically reliable. And, because the internet is a highly dynamic environment, we are constantly anticipating what's required and adapting our services to match.

In a world of opportunities and challenges, we're dedicated to enabling confidence online. We're a small organisation with big ambitions. Our highly motivated professionals are passionate about their work, and proud of the difference they make and the people they work with. Together, we're always reaching for the heights. How about you?


What you can expect

For us, it's all about balance. Balance between hard work and relaxation, between performance and reward, between your ambitions and ours, between an inspiring office environment and the convenience of working from home, and of course between professional and private life. As well as utilising the latest, proven internet technologies, we also work with modern IT systems for easy collaboration, remotely, physically and in hybrid forms. We also make sure that our people have well-equipped home workstations, plus access to an office space with everything they need to get together, collaborate and inspire one another.

If you want to go running or visit granny during office hours, we're okay with that. And if you fancy a workation, that can be arranged. As long as you live up to your professional responsibilities, we'll work out between us exactly how and when you do your work. And we're not fans of annual performance appraisal. What really matters is year-round personal development and results. Where you take the lead. It’s a philosophy that our personnel really like: Effectory designated us a Worldclass Workplace for 2025-2026. Recognition for our passion and outstanding employment practices.

Pay and other benefits

What’s in it for you? First, ample opportunity for growth and skills development. After all, you'll be helping us take our IT set-up in a whole new direction. On-the-job growth will go hand-in-hand with training-based personal development -- for which we have a generous budget! There's an attractive benefits package as well:

  • Gross monthly salary of up to €5,800, depending on experience

  • Holiday pay of 8 per cent, plus a thirteenth salary payment

  • A variable collective bonus of up to 4 per cent

  • An attractive extra bonus if you introduce us to a new colleague

  • A basic holiday allowance of 25 days, plus scope for building up to 13 days' occasional leave entitlement, if you work full time

  • A pension with ABP

  • A business rail card if you come to work by public transport

  • A travel allowance if you come to work using your own transport

  • Travel allowance of €0.33 per kilometre for business travel

  • A PluralSight licence and the opportunity to acquire other certificates

  • A daily home working allowance for every day that you work from home

  • A complete, healthy home workstation

  • €55 a month (net) for your home broadband

  • €25 a month (gross) contribution to your health insurance

  • Additional parenthood leave on full pay

  • An optional cycle lease scheme, where SIDN covers 50 per cent of the lease cost, up to a maximum of €60 (gross) per month

  • €500 a year to donate to a good cause of your choice

  • Your own .nl domain name and hosting package

  • Ample education and training opportunities

  • Professional coaching and budget coaching

  • A relocation allowance if taking the job means moving house

Everything above is for a full-time role (40-hour week).

The selection procedure includes screening, which involves obtaining a Certificate of Good Behaviour (similar to a criminal record check), and performing reference and integrity checks.

Like the sound of this job? Let's connect!

If you've read this far, we reckon you should definitely get in touch. Drop us a line, give us a call or apply now!

About the application process:

Inge Loeff

Corporate recruiter

Contact

Ferry Stelte

Chief Information Security Officer (CISO)


What happens once I've applied?

  • Application

  • First interview

  • Second interview

  • Contract offer

  • Start your dream job