Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Chief Information Security Officer (CISO) | Driving Secure Digital Healthcare Transformation
The assignment involves supporting the organization in developing, implementing, and maintaining an organization-wide information security policy and management framework. The services are risk-driven and aim to ensure the availability, integrity, and confidentiality of information and critical processes.
General Tasks and Responsibilities
- Developing, maintaining, and improving an Information Security Management System (ISMS).
- Translating relevant laws, regulations, and standards (including NIS2 and ISO/IEC 27001) into concrete security measures.
- Managing and updating the information security policy, guidelines, and standards.
- Supporting the integration of information security within enterprise risk management and internal control systems.
- Advising management on risks, maturity levels, and priorities related to information security.
Risk Management and Compliance
- Establishing and maintaining a central information security risk register.
- Conducting or coordinating periodic risk assessments.
- Monitoring mitigation measures and reporting on residual risks.
- Supporting internal and external audits and compliance processes.
Security Architecture and Operations
- Advising on security architecture for networks, systems, cloud environments, and applications.
- Assessing security designs and changes impacting information security.
- Overseeing logging, monitoring, vulnerability management, and patch management.
- Supporting the development of detection and response mechanisms.
Incident Management and Continuity
- Maintaining an incident response framework and related procedures.
- Advising on the handling of security incidents and coordinating post-incident evaluations.
- Supporting the development and testing of business continuity and disaster recovery plans.
Supplier and Supply Chain Security
- Supporting the assessment of security risks related to external suppliers and service providers, including cloud and SaaS solutions.
- Advising on appropriate security clauses and controls.
Awareness and Training
- Developing a strategic information security awareness program, including awareness campaigns, training sessions, and simulated exercises.
Reporting and Consultation
- Providing periodic reports to management on the status of information security, key risks, incidents, audit findings, and the progress of improvement initiatives.
Scope of Services
The services will be delivered based on an average commitment of 20 hours per week. The planning and specific implementation of activities will be aligned with the organization’s priorities and risks.
Key Skills
Ranked by relevanceReady to apply?
Join Harvey Nash and take your career to the next level!
Application takes less than 5 minutes