Security Governance and Business Continuity Manager
Location: Evere
Lead the security governance function for Orange Belgium, defining and sustaining the security policy framework, ensuring ISO 27001 and ISO 22301 compliance and regulatory obligations (NIS2, DORA, GDPR). Accountable for resilience strategy and crisis management, partnering with IT/Tech to implement BC/DR plans, and driving security awareness. Without this role, governance would be fragmented, certifications risked, and business continuity would be inadequately prepared, compromising secure and resilient operations across fixed and mobile networks.
* Security governance framework development and maintenance Accountable for designing and maintaining the company security policy framework aligned with ISO 27001/27005 and country requirements; Responsible for policy lifecycle management.
* Compliance and regulatory program management Accountable for regulatory compliance (GDPR, NIS2, DORA. Responsible for implementing controls and monitoring. Informed on enforcement actions and audit findings.
* BCMS and Crisis Management leadership Accountable for the Business Continuity Management System strategy, crisis management process ownership, and DR/BC planning; Responsible for plan development, testing oversight, and corrective actions.
* Risk management and resilience analytics Accountable for risk-based analysis of resilience across the network and applications; Responsible for risk assessment cycles and mitigation tracking; Informed of risk events and remediation progress.
* Security awareness and culture Accountable for rising security awareness and culture across the organization; Responsible for program design and rollout; Consulted with HR and Internal Communications; Informed leadership on progress metrics.
* Audit, assurance, and continuous improvement Accountable for coordinating internal/external audits, tracking non-conformities, and closing corrective actions; Responsible for assurance activities and KPI tracking; Consulted with Internal Audit, Compliance, and Legal; Informed of audit outcomes.
* People Leadership, Development & Knowledge Sharing Lead, coach, and develop the team; foster communities of practice, mentor career growth, and drive cross‑functional security capability building.
Your profile:
* Master's degree (or equivalent) in Computer Science, Information Security, engineering, or a related field
* Experience: minimum 8 years in IT/Telco security/governance with leadership exposure and team management
* Track record in ISO 27001 and BCMS programs; exposure to regulatory regimes (GDPR, NIS2, DORA)
* Desirable certifications: CISSP, CISM, CISA; ISO 27001 Lead Implementer/Auditor; ISO 22301 Lead Implémenter
* Industry experience: telecom or similarly regulated large enterprise is strongly preferred
* Ability to explain complex technical concepts to diverse audiences, including business and executive leadership; excellent written and verbal communication
* Leadership and stakeholder management skills
* Fluent English, and French or Dutch
We offer:
You will make the difference in this highly innovative vibe. As a result, you will develop your full potential by working with highly skilled colleagues and through continuous training. Moreover, you can count on a highly competitive and versatile compensation (market competitive salary, company car or legal mobility budget, homeworking and net allowance, performance bonus, meal vouchers) and benefits package.
Inspired? Please send us your resume and we will rapidly get back to you to invite you for further interviews.
Apply
Specific requirement:
A positive security advice from the National Security Authority is required for this role and the HR team will support you in the process after contract signature.