Lead the security governance function for Orange Belgium, defining and sustaining the security policy framework, ensuring ISO 27001 and ISO 22301 compliance and regulatory obligations (NIS2, DORA, GDPR). Accountable for resilience strategy and crisis management, partnering with IT/Tech to implement BC/DR plans, and driving security awareness. Without this role, governance would be fragmented, certifications risked, and business continuity would be inadequately prepared, compromising secure and resilient operations across fixed and mobile networks.
Head of Security Governance and Business Continuity
Location: Evere
* Security governance framework development and maintenance Accountable for designing and maintaining the company security policy framework aligned with ISO 27001/27005 and country requirements; Responsible for policy lifecycle management.
* Compliance and regulatory program management Accountable for regulatory compliance (GDPR, NIS2, DORA. Responsible for implementing controls and monitoring. Informed on enforcement actions and audit findings.
* BCMS and Crisis Management leadership Accountable for the Business Continuity Management System strategy, crisis management process ownership, and DR/BC planning; Responsible for plan development, testing oversight, and corrective actions.
* Risk management and resilience analytics Accountable for risk-based analysis of resilience across the network and applications; Responsible for risk assessment cycles and mitigation tracking; Informed of risk events and remediation progress.
* Security awareness and culture Accountable for rising security awareness and culture across the organization; Responsible for program design and rollout; Consulted with HR and Internal Communications; Informed leadership on progress metrics.
* Audit, assurance, and continuous improvement Accountable for coordinating internal/external audits, tracking non-conformities, and closing corrective actions; Responsible for assurance activities and KPI tracking; Consulted with Internal Audit, Compliance, and Legal; Informed of audit outcomes.
* People Leadership, Development & Knowledge Sharing Lead, coach, and develop the team; foster communities of practice, mentor career growth, and drive cross‑functional security capability building.
* Master's degree (or equivalent) in Computer Science, Information Security, engineering, or a related field
* Experience: 8–12 years in IT/Telco security/governance with leadership exposure; track record in ISO 27001 and BCMS programs; exposure to regulatory regimes (GDPR, NIS2, DORA)
* Desirable certifications: CISSP, CISM, CISA; ISO 27001 Lead Implementer/Auditor; ISO 22301 Lead Implémenter.
* Industry experience: telecom or similarly regulated large enterprise is strongly preferred
Apply