Head of Information Security

Who we are

,, - at Catawiki, we come across exceptional objects such as these every day.

Catawiki is the leading online marketplace to buy and sell special objects. We offer over 75,000 special objects in auction every week — each reviewed and selected by one of Catawiki’s hundreds of in-house experts specialised in Art, Design, Jewellery, Fashion, Classic Cars, Collectables and many more.

We've sold 10 million unique items to date and it’s our mission to become the world’s most popular auction destination for special objects.

We’re an innovative, pioneering and fast-growing scale-up. If you think you can make a difference to our team, go ahead and apply.

About the role and team

We are looking for a Head of Information Security to lead and manage our cybersecurity function.

As the leader of the team, you’ll be responsible for driving our efforts toward ensuring that our customers and employees stay safe: you will do so leveraging automation, being an advisor and evangelizing best security practices. As a manager you will use your experience and technical acumen to lead the security function, coaching and mentoring your security engineers.

To convey a sense of scale, here are a few numbers:

• Around 120 people are in the engineering function
• 12 cross-functional agile teams, grouped into 4 teams of teams
• Around 40 microservices [ruby on rails, golang]
• Around 10 million unique users per month
• Up to 15-20k HTTP requests per second served

And plenty of bots and bad actors that are trying to breach our perimeter, steal our customers' financial information and commit fraud.

What you’ll do

• You are responsible for the entire security team's project success and overall protection of user data and intellectual property.
• You’ll maintain security policy compliance, spearhead security projects, and manage technical staff.
• Develop and implement a comprehensive information security strategy aligned with objectives and regulatory requirements.
• Conduct risk assessments to identify vulnerabilities and potential threats in the organization's systems and processes.
• Directly oversee security systems and infrastructure monitoring, promptly identifying and responding to security incidents.
• Assess and oversee the security aspects of third-party vendors and service providers.
• Liaise with Product Development, Platform, Legal and Data Protection to advise on best practices and influence their roadmap

All in a work environment where people from all backgrounds can thrive and grow. Your impact will help millions of people buy and sell the objects of their dreams.

Who you are

• 2+ years of experience as a manager
• 8+ years of experience in the security domain
• Deep understanding of technical security controls requirements and emerging security trends.
• Experience of implementing security detection and response controls within one the major cloud providers (AWS, GCP, Azure)
• Ability to translate technical security issues to a large audience and gather their support.
• Experience with corporate security controls on MacOS.
• Excellent communication skills in English, including communicating well across different functions and different levels in an organization.

Bonus if you

• Experience in scale-ups and ability to cope with ambiguity and changing business requirements
• Hands-on experience implementing security controls (i.e. bot detection, WAF) for an environment deployed on GCP, using a major vendor such as Akamai, Cloudflare and similar
• Experience with security regulations such as ISO27001, NIST, or CIS Controls

Where you’ll be

This role is based in our Amsterdam office, the Netherlands and reports to our VP Engineering

Here’s what we can offer you

This is your chance to join our mission to fulfill people’s passions as part of a young and dynamic organization. You'll be part of an enthusiastic, highly motivated team of 800+ Catawikians.

Additionally, you can expect:

• A challenging role in a diverse, international and fast-growing organisation with over 50 nationalities.
• Regular fun activities both on and offline e.g summer parties, boat rides and regular team events.
• Great secondary benefits including a holiday allowance and a fantastic pension plan paid for by Catawiki.
• Hybrid ways of working between home and office. We offer remote and activity-based working, suited to the team and individual responsibilities
• We care about our teams’ wellbeing and offer a holistic wellbeing programme including our Employee Assistance Programme offering clinical services, single-session therapy, wellness support and more.
• Tailored learning and development opportunities to support your personal and professional growth;

We want to help you celebrate special occasions in life by:

• Provide employees with a 100 EURO Catavoucher upon joining and 50 EURO birthday Catavouchers;
• Extra days of annual leave for work anniversaries at 3, 5, 8 and 10 years;
• Additional leave allowances for important life events such as moving, engagement & marriage;
• Each year Catawikians get an additional day’s leave to Pursue their Passion!

Please note that our benefits offering changes depending on which country you are employed in. For our country-specific offering please ask your recruiter.

Our commitment to you

Catawiki’s eclectic team represents an international and intergenerational mix of people from different professional and cultural backgrounds. We foster an inclusive and queer-friendly work environment, committed to making every Catawikian feel welcomed and empowered. Whatever your story, we encourage you to bring your unique perspective to the table.

Catawiki stands with Ukraine and encourages people displaced by the current conflict to apply. In addition to the several initiatives we’ve launched, we’re open to ideas on ways we can continue to support the humanitarian effort.

Our offices and way of working

We have sensational offices in Amsterdam, Groningen, Paris and our newest office in Lisbon. Most of our employees are within commutable distance of one of our office locations and enjoy a hybrid work model. This means we expect you to be in the office 2 out of 5 days, roughly 40% of your working time, to collaborate and connect with each other. The exception is of course, if the job description specifically states that the role is 100% remote, as some experts and sales positions are.

Interested?

Apply directly with an English CV and cover letter by submitting your information at the bottom of this page. By submitting your application you agree to .

If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.