By ensuring bol remains an unquestionably secure environment to shop and sell. This may sound simple, but it’s not because we innovate rapidly and strive to maximize the benefits of the latest (often complex) technology. Moreover, bol isn’t just popular with 13 million customers; ‘black hats’ also appreciate our platform’s potential. So this role comes with considerable impact. All the more because almost every business and IT development team depends on a reliable and secure infrastructure for partner collaboration. Can you deliver that?

Stems from our rapid innovation pace, which we achieve by leveraging external expertise. Since almost every innovation – from minor UX changes to impactful new propositions – includes an IT component, our external partners must also keep the security perspective top of mind. You must also manage the increasingly regulated (DORA, NIS2, etc.) nature of supplier management. You will have to continuously challenge the business. A tough job, that occasionally requires making (abrupt) course corrections!

As the 3rd Party Security Manager, you’re the ‘security conscience’ for our business and IT units when it comes to collaborating with third parties, integrating risk management, and regulatory compliance. You’ll help colleagues across bol integrate business partners into the bol IT ecosystem securely. You’ll make colleagues aware that security is a crucial prerequisite for success, and help them act accordingly. Additionally, together with your colleagues, you’ll monitor the entire landscape, including risk profiles and vulnerabilities. Spot something? Then you’ll take the appropriate steps to contain potential threats. In addition to advising the business, you scrutinize risky business partners to the extent warranted (audits/reviews) and advise business owners on how to address and mitigate undesirable risks.

While not your primary focus, you also manage business partner compliance checks. You continually search for ways to improve the security of our platforms and tools, and personally manage the resulting improvement projects. What’s happening in the organization? How can you persuade colleagues who’ve thought of an excellent customer innovation to consider the security implications for customers and sellers more carefully? And how can you ensure that everyone keeps security  top of mind, as it should be? Topics you can tackle include:

• Integrating new business partners securely
• Security-auditing business partners
• Identifying and mitigating risks with business stakeholders
• Assessing and promoting 3rd party management & compliance policy
• Coordinating security incidents at our partners
• Establishing processes and tools for scalable business partner risk management
• Promoting the ‘Think Like A Hacker’ mindset within the organization: inspire colleagues to reflect on the security implications of new initiatives, and don’t hesitate to challenge even the most beautiful ideas

Because you’re a self-reliant and pragmatic Cybersecurity specialist, eager to make an impact in the field of secure shopping and selling with your business stakeholders. A background in Cybersecurity consultancy would be a great match, especially if you’ve supplemented that with business experience. You’ll spend part of your time in the operational trenches at bol. That needs to suit you. The role also requires you to get colleagues on board, book results, and intervene in projects and proposals (kindly but firmly) when the situation calls for it. We also expect you to have the self-confidence to brief senior management on our work. You are not the kind of person who leans back after emailing a recommendation. You want to see your recommendations implemented and create the traction and commitment that requires.

The Cybersecurity department is part of our broader Tech operation, which consists of five sub-teams with distinct focus areas. We embrace experimentation and new technologies, continually discovering new security opportunities and challenges. As for the atmosphere? Never a dull moment, open-minded, and no ‘holier-than-thou’ mentality. Our strength is that we collaborate as equals, sharing insights and continually improving one another. You can achieve great things on your own as our 3rd Party Security Manager, but so much more with your colleagues. You’re never alone.