Cybersecurity Manager - CISO

TASKS

develops, updates and translates the cybersecurity and information security policy into clear frameworks, standards and guidelines

works from a recognized framework (such as NIST) and systematically monitors the maturity of cybersecurity within the organization

initiate and drive cyber-related initiatives and improvement processes based on market insights, risk analyses, incidents, audits and strategic priorities

manages the entire risk management cycle from a reputation frame of reference, identification, protection, prevention, response and recovery

monitors the incident response and crisis management framework for cyber and information security incidents and takes on a coordinating role in the event of incidents and data breaches

identify, assess and follow up on cyber risks throughout the organisation, with a focus on continuity, compliance and reputation

collaborates with ICT, data, legal and other services on cyber-relevant processes (such as change and run), with a focus on governance and risk management

acts as a substantive point of contact for internal and external audits and for cyber and risk-related aspects within supplier and contract management

provides board and management with clear reporting and advice on cyber risks, priorities and evolutions.

WHO ARE YOU

Strategically strong expert who can approach cyber security throughout the organization and can clearly translate complex matter into policy and decisions.

PREREQUISITES

A master's degree, preferably in an ICT or business administration, or an equivalent level through relevant and demonstrable experience.

Extensive knowledge of ICT risk management and cybersecurity, with a good understanding of IT infrastructures, networks, cloud and data environments.

Familiar with risk management within IT and digital ecosystems, including 3rd party and supplier risks.

Have in-depth knowledge of cyber and risk management frameworks (such as NIST) and can apply them pragmatically in an organizational context.

Insight into ICT service management and ITIL principles, in particular in relation to change and run processes.

Knowledge of relevant laws and regulations, such as the broad outlines of NIS2, and can translate their impact into policy and governance.

Analysing and weighing up risks and providing clear and substantiated advice to management and the board.

Communicate fluently and convincingly, both in writing and orally, and can facilitate cooperation and coordination.