Chief Information Security Officer

Location: Brussels

Start Date: 16/07/2025

End Date: 15/07/2026

Role Description:

We are looking for an experienced and hands-on Chief Information Security Officer (CISO) to lead cybersecurity and IT risk management efforts. The ideal candidate will possess deep knowledge of cybersecurity principles, risk management practices, and regulatory requirements. This role involves ensuring the confidentiality, integrity, and availability of systems and sensitive customer data. The CISO will be responsible for designing, implementing, and maintaining a comprehensive information security strategy while collaborating with both technical and non-technical teams.

Key Responsibilities:

• Cybersecurity Strategy and Governance:
  • Implement a cybersecurity vision and strategy aligned with organizational priorities.
  • Define a governance structure for cybersecurity consistent with IT governance principles.
  • Create and manage a unified framework to integrate and normalize technologies and requirements from global laws, standards, and regulations.
  • Chair and prepare the quarterly Information Security Steering Committee.
• IT Risk Management:
  • Lead risk assessments and vulnerability management.
  • Provide recommendations for mitigating risks related to new technology deployments and regulatory compliance.
  • Monitor the external security posture and provide security monitoring on critical third parties.
  • Coordinate responses to regulators’ requests on cybersecurity and IT security risk management.
• Security Operations & Incident Response:
  • Oversee day-to-day operations of the information security program.
  • Coordinate responses to cyber incidents and crises.
  • Develop and implement incident response plans and procedures.
• Cybersecurity Projects and Expertise Sharing:
  • Provide expertise and support to departments during strategic project development.
  • Ensure cybersecurity and IT risk management is embedded in the project delivery process.
• Security Awareness and Training:
  • Manage a targeted information security and IT security risk management awareness and training program.

Language Requirements:

• Dutch: Preferred
• French: Preferred
• English: Fluent

Education and Certifications:

Relevant certifications (CISM, CISSP, NIS2, GDPR, ISO 27001 Lead Implementer).

Telework Expectation:

60% on-site (Tuesday, Thursday + 1 day of choice) & 40% homeworking.

Required Experience/Knowledge:

• Strong technical background in network security, system administration, and hands-on experience with security tools and technologies.
• Experience with cloud security, SaaS products, and securing systems.
• Proven experience in IT risk management, including conducting risk assessments and implementing risk mitigation strategies.
• Familiarity with industry regulations such as DORA, PCI-DSS, GDPR.
• Strong leadership skills with the ability to communicate complex security concepts to non-technical stakeholders.
• Minimum of 5-7 years of experience in information security, with at least 3 years in a leadership role, preferably in a services environment.