Head of Information Security & Risk
About Yonderland
At Yonderland, we believe the outdoors is more than a destination — it’s a way of life. As Europe’s largest premium outdoor retailer, we inspire people to spend more moments outside through top-quality brands, expert services, and over 40 years of experience. With 190+ stores across Europe and a strong e-commerce platform, we create unforgettable outdoor experiences every day.
Sustainability is at the core of everything we do. From responsible sourcing to circular economy initiatives, we are committed to reducing our environmental footprint and leading the way in responsible retail.
To support our continued growth and protect the trust of millions of customers, we are looking for a Head of Information Security and Risk — a strategic leader who will safeguard our digital ecosystem while aligning security with business and sustainability goals.
Your Role
As Head of Information Security and Risk, you will define and lead Yonderland’s company-wide security, risk, and compliance strategy. You will operate at senior leadership level and play a critical role in governance, regulatory compliance, and cyber resilience across the organization.
Key Responsibilities
Security, Risk & Compliance Strategy
* Define and execute the enterprise-wide information security, risk, and compliance strategy and roadmap, aligned with business objectives and the Security Council.
* Establish and maintain security, risk, and compliance policies, standards, and procedures.
Risk Management
* Identify, assess, prioritize, and mitigate risks to information assets.
* Develop and maintain a continuous risk management framework.
* Oversee vulnerability management and incident response planning.
Regulatory & Compliance Oversight
* Ensure compliance with GDPR, NIS2 (EU & UK), AI Directive, and other applicable regulations.
* Conduct and oversee internal and external audits.
* Monitor, report, and advise on regulatory compliance and legal risk mitigation.
Governance & Architecture
* Oversee security architecture and governance frameworks aligned with business needs.
* Define clear roles and responsibilities for security, risk, and compliance stakeholders.
* Drive security and compliance awareness programs across the organization.
Collaboration & Reporting
* Partner with IT, business units, and data owners to ensure data protection, privacy, and compliance.
* Monitor emerging threats, regulatory changes, and technologies.
* Report monthly to senior leadership and the Security Council on security posture, risk exposure, and compliance status.
Your Profile
* Bachelor’s or Master’s degree in Information Security, Computer Science, Law, Risk Management, or a related field.
* 10+ years of experience in IT security, risk management, or compliance, including 5+ years in a leadership role.
* Strong expertise in cybersecurity frameworks (ISO 27001, NIST, CIS, etc.).
* Solid knowledge of risk management methodologies (ISO 31000, COSO).
* Proven experience with cloud security, network security, data protection, and regulatory compliance (GDPR, NIS2).
* Excellent leadership, communication, and stakeholder management skills.
* Experience with audits, regulatory reporting, and incident response.
* Knowledge of Dutch is a very strong asset, English is a must.
* Relevant certifications are a strong plus (CISSP, CISM, CCISO, CRISC, CCEP).
What We Offer
* A strategic leadership role with real impact in a purpose-driven organization.
* Competitive salary and benefits package.
* Opportunities for continuous professional development.
* A collaborative, innovative culture driven by sustainability, trust, and customer focus.
🌿 Ready to lead our cybersecurity strategy and protect the future of outdoor retail?
Apply now and help Yonderland safeguard its digital ecosystem while inspiring responsible outdoor living.
For this role Yonderland works exclusively with Everest Recruitment. All applications will be screened & selected by them. If you are interested you can apply through LinkedIn or send your resume directly to: herbert.martens@everest-recruitment.be