💼Job Title: Chief Information Security Officer
👨‍💻Job Type: Contract/Freelance
📍Location: Brussels, Belgium
💼Work regime: Hybrid (3 days onsite per week)
🔥Keywords: (CISM, CISSP, NIS2, GDPR, ISO 27001 Lead Implementer)
What you will be doing
Client is looking for an experienced and hands-on Chief Information Security Officer (CISO) to lead the cybersecurity and IT risk management efforts at our payment institution. The ideal candidate will possess deep knowledge of cybersecurity principles, risk management practices, and regulatory requirements, and will be responsible for ensuring the confidentiality, integrity, and availability of our systems and sensitive customer data.
Mission Context
* Implement a cybersecurity vision and strategy based on organizational priorities, enable and facilitate the organization's business objectives, and ensure senior stakeholder buy-in and mandate.
* Define a governance structure for Cybersecurity within the first line of defense, consistent with the IT Governance, and with its associated principles.
* Create and manage, jointly with the CIO, a unified and flexible referential framework (policies, requirements, indicators, control plans, guidelines) to integrate and normalize the wide variety and ever-changing technologies & requirements resulting from global laws, standards and regulations.
IT Risk management
* Lead risk assessments and vulnerability management to identify and mitigate risks to the company’s IT systems and infrastructure.
* Provide recommendations to mitigate risks related to new technology deployments and regulatory compliance.
* Follow the progress of the Cybersecurity program and the implementation of IT risk remediation plans, and report the progress to the CIO and the 2nd Line of Defense.
* Monitor the external security posture & provide security monitoring on critical main third parties.
* Lead the IT security risk activities in collaboration with ITRO and CRO and provide the consolidated IT security risk dashboard to the Risk Committee.
* Follow up on the closure of internal and external recommendations from IT security audits and reviews.
* Coordinate the answers to regulators’ requests on Cybersecurity and IT security risk management subjects.
Security operations & incident response
* Oversee the day-to-day operations of the information security program, ensuring continuous monitoring of systems, networks, and data.
* Provide expertise and support on Cybersecurity, IT risk management, and connected topics such as asset inventories, including information assets in Cloud services and in other parties.
* Support the CISO team in the coordination of the responses to Cyber incidents and crises, and coordinate the development and implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event.
* Support the team concerning communication with authorities and regulators in case of Cyber incidents.
Cyber security projects (focus on DORA) and expertise sharing
* Lead the Information security and Third party risk management streams in the DORA program.
* Provide expertise and support to departments (IT and business, during strategic project development reviews, pen testing, red teaming, new business activities…), together with CIO and CISO guidance on Cybersecurity topics (network, cryptography, data, endpoints, application development, etc.).
* Watch and anticipate Cybersecurity and IT risks linked to emerging technologies, and promote those new technologies that can better protect the company with the support of the CISO team.
* Ensure that Cybersecurity and IT risk management is embedded in the project delivery process by providing the appropriate information security and IT risk management policies, practices and guidelines.
* Work with the purchasing department, procurement office, and supplier management teams to ensure that information security and IT risk management requirements are included in master contracts.
Security awareness and training
* Create the necessary internal networks within the company with risk management, line-of-business executives, Compliance, Legal, Inspection Générale, and HR management teams to ensure alignment as required.
* Be in contact with external peers to address common trends, findings and Cybersecurity and IT risks.
* Manage a targeted information security and IT security risk management awareness and training program for all employees and contractors, and more particularly for the different departments and the Business Executives.
Technical profile requirements
* Hands-On Technical Expertise: Strong technical background in network security, system administration, and hands-on experience with security tools and technologies (firewalls, IDS/IPS, SIEM, encryption, etc.). Experience with cloud security, SaaS products, and securing payment systems.
* Risk Management Experience: Proven experience in IT risk management, including conducting risk assessments, vulnerability management, and implementing risk mitigation strategies with ideally proven capability of managing third party risks.
* Regulatory Knowledge: Familiarity with payment industry regulations such as DORA, PCI-DSS, GDPR, and other relevant data protection and security standards.
* Strategic oversight: Ability to reconcile the cyber security program together with the ongoing initiatives while ensuring alignment.
* Leadership and Communication: Strong leadership skills with the ability to communicate complex security concepts to non-technical stakeholders, including executive leadership and the board.
* Stakeholder management including regulatory facing.
* Experience: Minimum of 5-7 years of experience in information security, with at least 3 years in a leadership role, preferably in a financial services environment.
* Nice to have: familiarity with payment institutions and understanding of the unique security challenges in the financial services industry.
A little about us:
Innova Solutions is a diverse and award-winning global technology services partner. We provide our clients with strategic technology, talent, and business transformation solutions, enabling them to be leaders in their field.
* Founded in 1998, headquartered in Atlanta (Duluth), Georgia.
* Employs over 50,000 professionals worldwide, with annual revenue approaching $3.0B.
* Delivers strategic technology and business transformation solutions globally.
* Operates through global delivery centers across North America, Asia, and Europe.
* Provides services for data center migration and workload development for cloud service providers.
Awardee of prestigious recognitions including:
* Women’s Choice Awards - Best Companies to Work for Women & Millennials, 2024
* Forbes, America’s Best Temporary Staffing and Best Professional Recruiting Firms, 2023
* American Best in Business, Globee Awards, Healthcare Vulnerability Technology Solutions, 2023
* Global Health & Pharma, Best Full Service Workforce Lifecycle Management Enterprise, 2023
* Received 3 SBU Leadership in Business Awards
* Stevie International Business Awards, Denials Remediation Healthcare Technology Solutions, 2023