CISO Officer Brussels 12 months
Our client based in Brussels is currently looking for a CISO Officer for a 12-month contract.
Translate the CISO vision and develop its strategy into high-level, state-of-the-art (including risk management) yet practical and pragmatic solutions, processes and services to adequately secure the production resources of the customer's organization (physical and electronic information/data as well as IT resources) and its subsidiaries.
MAIN ACTIVITIES
Information Security Management: Identifies security protection objectives and indicators in accordance with the CISO strategic plan and priorities
Information Risk Management: implements and maintains an information risk management framework based on the ISF IRAM
CISO Solutions & Services team:
monitors the cybersecurity services provided by the customer's IT subcontractors
implements the Identity & Access Management strategy, solutions and governance
Governance, policies and awareness:
Develops, obtains approval for, communicates, enforces and monitors PSPGs (policies, standards, procedures and guidelines) on information security and data protection within agreed frameworks and legal regulations in accordance with the agreed review cycle
Coordination and management:
Is responsible for the operational coordination and management of one or more projects and initiatives within the Information Security department (priorities, budgets, resource and project planning)
works closely with the IT PMO to ensure alignment with existing IT project processes
Reporting:
prepares quarterly reports on CISO areas for the Executive Committee
draws up, prepares and monitors status reports (progress, budget, resources, planning, project models) on these initiatives at senior management level
Monitoring IT compliance:
establishes and maintains an IT compliance and audit framework in line with legal requirements or strategic IT objectives
works closely with the Data Protection Officer and the Information Risk Manager to share audit findings and compliance breaches
Knowledge development:
Keeps abreast of new developments in CISO fields and examines how they can be applied within the customer's organisation.
keeps abreast of new security threats, market developments, technologies, relevant legislation, technical developments in IT and other security-related areas
Requirements
CRITERIA
Area of responsibility
Information Security Management
Information Risk Management
CISO Security Solutions & Services team
Information security and data protection governance, policies and awareness
Coordination and management of one or more projects and one or more initiatives within the security department
Reporting on CISO areas and security findings
Monitoring IT compliance
Updating and expanding knowledge
Knowledge and complexity
Master's level or equivalent through experience
35 years relevant professional experience
Integration period of a few months
Knowledge of ISO2700x standards
In-depth knowledge of one or more CISO areas (IT Risk Management, CISO Solution & Services, Information Security & Compliance, etc.)
Knowledge of security architecture and controls
Knowledge of IT processes and technology
Certificates: CISSP, CISM or CISA
Knowledge of programme management
Problem solving
Ability to convert the CISO strategic plan into objectives, indicators, actions, etc.
Ability to run several projects in parallel
Within projects, be able to distribute activities between several people
Ability to draw up and implement frameworks, procedures, policies, standards and awareness programmes.
Analyse security incidents and be able to propose solutions which are sometimes not obvious
Carry out accurate risk assessments
Prepare and deliver presentations to senior management and executive management
Be able to keep knowledge up to date in a field governed by a rapid evolutionary curve (trends, technologies, etc.)
Demonstrate autonomy in managing projects and project teams and in dealing with issues/complaints/incidents
Comply with the information security policy and vision, the CISO strategic plan, the ISO2700x, current legislation (RGPD, NKI, NIS, etc.) and international standards
Call on the executive in the event of escalations to review incidents, validate project plans, budgets, resources and (interim) reports
Languages
Knowledge of French, Dutch and English (spoken and written)
If you are interested, please send me your CV and I will contact you as soon as possible with further details.