Job Application for IT Security Officer at Sytac

Back to jobs

At Sytac, we build high-performing engineering, data, and security teams for leading organisations in the Netherlands and beyond. We combine a pragmatic, people-first culture with strong craftsmanship, giving professionals autonomy in real production environments, backed by a consultancy that invests in growth, community, and long-term partnerships.

For one of our specialised financial clients operating globally in liquidity and information management, we are looking for an IT Security Officer to join their dedicated IT Security team. The organisation operates in a highly regulated environment, with a culture that values customer orientation, high-quality delivery, and strong collaboration within Agile DevOps squads.

You will partner with DevOps teams to strengthen application and platform security, provide hands-on guidance throughout the SDLC, and ensure that IT risks remain within appetite. This is a practical, advisory-focused security role not a GRC manager, architect, or full-time penetration tester.

What you’ll do

Provide security advisory and hands-on guidance to DevOps teams across development and operations
Translate IT risk and security requirements into actionable specifications for testing, reporting, and remediation
Advise engineers on secure coding practices and assist with secure code reviews
Collaborate with teams to prepare for and respond to penetration testing; support issue remediation
Guide teams in static and dynamic code analysis (SDLC) and improve secure development workflows
Support the secure design, configuration, and hardening of CI/CD pipelines and supporting tooling
Partner with stakeholders to understand needs and shape secure, practical solutions
Work closely with IT delivery, business stakeholders, and the broader ING security ecosystem
Contribute to building a secure, compliant IT environment that supports business objectives
Operate within an Agile DevOps way of working, with rapid feedback cycles and shared squad responsibility

What we’re looking for

Knowledge & Experience

3–4+ years in an IT security role, preferably within a software development or financial services environment
Hands-on experience with coding, or at minimum secure code review and remediation
Strong understanding of network and web protocols (TCP/IP, UDP, IPSEC, HTTP/HTTPS, etc.)
Solid knowledge of common vulnerabilities and mitigation strategies (e.g., OWASP Top 10)
Familiarity with security frameworks such as ISO2700x, NIST, ISF, CIS
Nice to have: experience with Checkmarx or similar secure code analysis tools
Nice to have: certifications such as SSCP, CISSP, Security+, CEH, etc.

Competencies

Strong hands-on mentality, you adopt problems and actively work towards solutions
Excellent communication skills, comfortable explaining technical issues to all audiences
High sense of ownership, urgency, and drive
Customer-focused, collaborative, and team-minded
Ability to build confidence and trust in an environment of constant change
Strong analytical and problem-solving abilities, especially in ambiguous situations
Resilient, structured, and constructive in stressful or complex environments
Willingness to continuously learn and improve

**What we are not looking for**

A lead or a manager
An architect
A pure GRC specialist
A full-time penetration tester (though pen testing experience is a strong plus)

This role is about hands-on advisory, secure engineering enablement, and day-to-day collaboration with DevOps teams.

Why this role is unique

You work in an organisation that supports a global Fortune 500 client base
You operate in a DevOps-driven model, with squads owning their applications end-to-end
The culture strongly values customer orientation, craftsmanship, and continuous feedback
You collaborate closely with IT delivery and business stakeholders while shaping secure, scalable solutions

IT Security Officer