Group Chief Information Security Officer H/F

Job description

Key responsibilities
Establish Governance and Build Knowledge 
Establish and maintain the cybersecurity governance structure
Provides regular reporting on the status of the cybersecurity program
Develops, socializes and coordinates approval and implementation of security policies
Directs the creation of a targeted cybersecurity awareness training program for all employees
Advises on the cyber risk posture of the organization, including the mandatory application of controls
Coordinates security programs globally and mobilize employees in all locations

Lead the Organization 
Leads the cybersecurity function across the company
Determines the cybersecurity approach and operating model in consultation with stakeholders
Manages an effective cybersecurity organization, consisting of direct reports and dotted line reports.
Defines and facilitates the processes for cybersecurity risk and for legal and regulatory assessments.
Ensures that security is embedded in the project delivery process by providing the appropriate cybersecurity policies, practices and guidelines
Manages and contains cybersecurity incidents and events to protect corporate IT assets, intellectual property, regulated data and the company's reputation
Monitors the external threat environment for emerging threats, and advises relevant stakeholders on the appropriate courses of action
Develops and oversees effective resilience policies and standards
Coordinates the development of implementation of incident response plans and procedures
Facilitates and supports the development of asset inventories, including information assets in cloud services and in other parties in the organization's ecosystem
 
Set the Strategy 
Develops a cybersecurity vision and strategy
Develops, implements and monitors a strategic, comprehensive cybersecurity program to ensure appropriate levels of confidentiality, integrity, availability of information assets owned, controlled or/and processed by the organization as well as the meeting of safety, privacy, reliability and resilience requirements as needed.
Works effectively with business units to facilitate cybersecurity risk assessment and risk management processes.
 
Build the Network and Communicate the Vision 
Creates the necessary internal networks
Builds and nurtures external networks consisting of industry peers, ecosystem partners, vendors and other relevant parties to address common trends, findings, incidents and cybersecurity risks
Liaises with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies
Liaises with the enterprise architecture team to build alignment between the security and enterprise (reference) architectures.

Desired profile

Demonstrated experience and success
Master’s degree in computer science, engineering, or a relevant field.
Minimum of 15 years of experience in information technology and data management, with a proven track record as Chief Information Security or in a similar managerial role within an international environment
Preferably, knowledge of the Life Science environment.
Excellent organizational and leadership skills, with a proven ability to effectively lead and manage teams. 
Strong managerial qualities coupled with strategic vision and a business mindset to define the Information Security roadmap and execution plan.
Extensive knowledge of IT systems, data and infrastructure.
Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
Sound knowledge of business management and a working knowledge of cybersecurity risk management and cybersecurity technologies
Experience in managing IT systems and large company-wide projects.
Financial/budget management, scheduling and workforce management

Languages
Fluent in English and French ideally
Location
Ghent, Paris or Rotterdam preferably.
Reporting
The position will report to the Group CIO