Chief information Security Officer (CISO)

Mission Overview:

Join Keystone Solutions as a consultant CISO on a strategic client assignment. As Chief Information Security Officer (CISO), you will be ultimately responsible for designing, implementing, monitoring, and adjusting the client's information security strategy. You will safeguard the organization against internal and external threats and ensure that security is structurally embedded in operations and decision-making. You will report directly to the client's Administrator-General and have line management over the client's cybersecurity staff. In addition, you will provide substantive direction and advice to various teams and key roles across the organization. All responsibilities below will be performed as a Keystone Solutions consultant, embedded with and working closely alongside the client.

About Keystone Solutions' Consultancy Model:

• Consultancy nature of work: Operate on-site at client locations as a Keystone Solutions consultant, integrating with client leadership and teams while leveraging Keystone's collective expertise and playbooks.
• Dynamic projects: Address diverse security challenges, with opportunities to contribute to future missions across different industries and environments as your ambitions grow.
• Turbo-charged learning and development: Benefit from structured coaching, certifications support, peer communities of practice, and access to seasoned security leaders within Keystone Solutions.
• Ambition skyrocketing within a consultancy framework: Build breadth and depth through varied client engagements, accelerating your progression from delivery to strategic advisory and practice leadership.
• Values in action as a K-Stone: We bring excellence, integrity, ownership, curiosity, and empathy to every engagement—being a K-Stone means embodying these values in each client project and outcome.
  
  
  

Role Purpose and Positioning (client-facing, as a Keystone Solutions consultant):

• As Chief Information Security Officer (CISO), you are ultimately responsible for designing, implementing, monitoring, and adjusting the information security strategy.
• You safeguard the organization against internal and external threats and ensure that security is structurally embedded in operations and decision-making.
• You report directly to the Administrator-General and have hierarchical/line management over the cybersecurity staff.
• You provide substantive direction and advisory support to various teams and key roles within the organization.
  
  
  

Strategy, Governance & Risk Management:

• Develop, implement, and enforce the information security policy, procedures, and guidelines, with particular attention to compliance with relevant regulations and standards (including GDPR/NIS2 and ISO/IEC 27001).
• Organize risk and impact analyses of security measures and translate risks into concrete mitigations, priorities, and a feasible roadmap.
  
  
  

Incident Management & Continuity:

• Lead the incident response process for security incidents: from detection and analysis to containment, recovery, and reporting.
• Coordinate forensic investigations where necessary and ensure that corrective and preventive measures are defined, executed, and followed up.
  
  
  

Awareness & Culture:

• Build strong security awareness by designing and executing training and sensitization programs for employees and other stakeholders.
• Evaluate their effectiveness and adjust where necessary.
  
  
  

Architecture, Technology & Processes:

• From a technical standpoint, direct the development and management of the security architecture (network, application, and data security).
• Select and implement appropriate security technologies and tools, and establish sustainable processes (e.g., IAM) to ensure lasting security assurance.
  
  
  

Compliance, Audit & Reporting:

• Coordinate internal and external audits and ensure continuous compliance with relevant security standards.
• Provide clear reporting to the Governing Body, auditors, and supervisory authorities, and identify improvements to further raise information security maturity.
  
  
  

Collaboration & Stakeholder Management:

• Serve as the central point of contact for information security.
• Work closely with IT, Legal, HR, and operational teams to embed the security strategy across the organization.
• Maintain relationships with external partners within the Social Security ecosystem and with regulatory authorities.
  
  
  

Skills and Experience Requirements:

• Strong leadership and management skills; you communicate fluently and are able to act quickly.
• Demonstrated persuasive power, negotiation skills, determination, and a strong sense of responsibility.
• Expert-level experience in strategy, governance, and implementation of information security and data protection.
• ISO 27001 certification (junior level acceptable or in progress).
• ISO 27701 certification (junior level acceptable or in progress).
• Expert knowledge in the domains of information security, risk management, and compliance.
• Knowledge of and experience with the Microsoft Cloud Adoption Framework is a plus (junior level).
• Knowledge of and experience with Microsoft Defender is a plus (junior level).
• Familiarity with security architecture, network security, and incident response (junior level acceptable).
  
  
  

Languages:

• Native proficiency in one of the two national languages (Dutch or French).
• Ability to read and understand the other national language (Dutch or French).
• English knowledge is also required.
  
  
  

Engagement Details and Work Setup:

• Consultancy mission delivered through Keystone Solutions, working closely with the client's leadership and teams.
• Location: Brussels (on-site at the client's office in the 1000 Brussels area), combined with work at Keystone Solutions and remote collaboration.
• Work regime: Hybrid—specifically 2 days per week on-site at the client's office and 3 days teleworking.
  
  
  

Role-Specific Impact as a Consultant:

• Apply CISO leadership to align policy, risk, architecture, and operations in a complex stakeholder landscape, while benefiting from Keystone's collective knowledge base.
• Shape and elevate client security maturity through hands-on execution and executive-level advisory, with opportunities to tackle future client missions as your impact grows.
  
  
  

If you are ready to tackle technical and strategic challenges in a dynamic consultancy environment, apply today at Keystone Solutions Career Portal.