CISO Officer - Infosec and Compliance

Near Brussels Midi Station, Belgium

Applications have closed

Ypto

Ypto works behind the scenes to help build the digital transformation and ICT infrastructure of the Belgian railways, NMBS.

As an Information Security Officer you will be part of a team responsible for Information Security Risk assessments, IS Risk and Audit follow-up, Information Security standards and the implementation of IS controls.


Your responsibilities:

Information Security Management:

• You identify security protection objectives and metrics in line with the strategic CISO plan and priorities

• You actively support the ISMS (Information Security Management System) in line with international standards

• You are responsible for the active follow-up and completion of the various CISO dashboards and initiate the appropriate corrective measures

• You follow up the defined actions of internal and external IT audits within the IT organization and provide monthly feedback to IT management and Internal Audit at the customer

Governance, Policies & Awareness:

• You are responsible for communicating, complying with and checking PSPG (Policies, Standards, Procedures and Guidelines) on information security and data protection

• You involve the security liaisons at the customer in implementing policies and standards and resolving incidents

Coordination and management:

• You are responsible for the operational coordination and management of one or more projects and initiatives within the Information Security department (priorities, budgets, resource & project planning)

• You coordinate, within the Cyber- & Information Security Office, with other departments and you work closely with IT PMO to align with existing IT project processes

Reporting:

• You assist in the preparation of quarterly reports on the CISO domains to the executive committee

• You are also responsible for drawing up, preparing and following up status reports on these initiatives at senior management level and for reporting on security findings from the dashboards.

Requirements

• You conduct objective risk assessments and you have a strong analytical and problem-solving ability

• You work independently and coordinate with and report to different parties in a timely manner. You can easily adapt your communication to the person you have in front of you

• You work in a structured manner and can work on multiple tasks in parallel

• You stay informed on the latest developments in CISO domains and proactively consider how these can be applied.

• You have a relevant bachelor's or master's degree

• You already have two years of experience with ISMS and risk assessments

• You have knowledge of the ISO 2700x standards, of security architecture and controls, and of IT processes and technology

• Knowledge of CISSP, CISM or CISA is a plus

• Spoken and written fluency in English is essential; understanding of Dutch or French is a strong asset


Offer

Within our open corporate culture, you contribute to the digital transformation of SNCB. You will have a job with social impact and ample opportunity to make your own contribution. In addition to a good work-life balance and a market-related salary, you have:

  • the possibility to work remotely + flexible working hours;
  • 35 days of leave;
  • a company car + a public transport pass;
  • a target bonus;
  • a hospitalisation insurance (including dental care) for the entire family, a group insurance and a disability insurance (cafeteria plan), without own contribution;
  • meal cheques and eco-vouchers;
  • net allowances for remote working and carwash + internet budget.

Tags: Audits CISA CISM CISO CISSP Compliance Governance ISMS ISO 27000 Risk assessment

Perks/benefits: Flex hours Insurance

Region: Europe
Country: Belgium