Senior Manager Information Security

Job Title: Information Security Manager

Location: City, Brussels

Department: Information Security

Job Type: Permanent

Job Summary:

The Information Security Manager will be responsible for overseeing and enhancing the information security posture. This role involves developing, implementing, and managing a robust information security strategy, ensuring compliance with relevant regulations, and safeguarding the organization’s information assets. The successful candidate will work closely with IT, Compliance, and Risk Management teams to address security risks and promote a culture of security awareness throughout the organization.

Key Responsibilities:

1. Security Strategy Development:

• Develop and implement an information security strategy aligned with business goals and regulatory requirements.
• Establish and maintain an information security framework, including policies, standards, and procedures.

1. Compliance and Risk Management:

• Ensure compliance with local and international regulations related to information security (e.g., GDPR, IDD, PSD2, NIST, NIS2).
• Conduct regular risk assessments and vulnerability assessments to identify security gaps and recommend mitigation strategies.

1. Incident Management:

• Lead the incident response process, including detection, analysis, containment, and recovery from security incidents.
• Develop and conduct security incident response exercises to improve organizational readiness.

1. Security Awareness and Training:

• Promote a culture of security awareness through the development and execution of training programs for employees at all levels.
• Provide guidance on security best practices and facilitate ongoing knowledge sharing.

1. Collaboration and Communication:

• Work closely with IT, Development, and Operations teams to ensure security is integrated throughout the software development lifecycle and IT operations.
• Communicate security status, risks, and initiatives to senior management and relevant stakeholders.

1. Monitoring and Reporting:

• Implement security monitoring solutions to detect and respond to threats effectively.
• Prepare regular reports on security performance and compliance metrics for executive leadership.

1. Vendor Management:

• Assess and manage third-party security risks related to vendors and partners.
• Ensure that contracts and service level agreements (SLAs) include appropriate security provisions.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Proven experience (typically 8+ years) in information security management, ideally within the insurance or financial services sector.
• Deep understanding of information security frameworks (e.g., NIST, ISO 27001), risk management, and compliance requirements.
• Strong knowledge of security technologies (firewalls, SIEM, intrusion detection, encryption) and best practices for protecting sensitive data.
• Relevant security certifications (e.g., CISSP, CISM, CISO, or equivalent) are highly preferred.
• Excellent analytical, problem-solving, and communication skills.
• Fluency in English; proficiency in French and/or Dutch is a significant advantage.