PpThe Head of Information Security is responsible for defining and steering EVS's global security strategy in alignment with corporate priorities, regulatory requirements (NIS2, CRA, ISO27000, NIST, etc.), and operational needs. Acting as a strategic advisor and governance lead, the Head of Information Security will design, implement, and animate the cybersecurity governance model, while supporting the structuring of operational and tactical roles across the organization. This role is intended to establish a sustainable, business-aligned, and collaborative approach to information security, with a clear separation between governance and operational execution. /p h3Job Description /h3 h3Cybersecurity Strategy Roadmap /h3 ul liDefine and validate the overall cybersecurity vision and strategic objectives. /li liEstablish and maintain a multi-year cybersecurity roadmap aligned with business risk appetite, regulatory compliance, and transformation goals. /li liPrioritize key areas such as access control, data protection, incident response, and infrastructure hardening. /li /ul h3Governance Structure Implementation /h3 ul liDeploy the cybersecurity governance model based on 3 levels: strategic (LT/Head of IT), tactical (Cybersecurity IT operations manager and RD Security lead), and operational (Cyber Analysts, SOC). /li liClarify roles, responsibilities, and escalation paths across IT, RD, and corporate teams. /li liDrive the formalization of policies, charters, and decision-making processes. /li liEnsure that aBCP/DRP frameworkis defined, approved and monitored for the wider organisation. /li /ul h3Regulatory Risk Alignment /h3 ul liDefine and maintain the security control frameworkof EVS, ensuring regulatory compliance (NIS2, CRA, GDPR) and alignment with recognised standards (ISO/IEC 27001, NIST CSF, CyFun framework of the CCB). Define the control baseline and assess the effectiveness. /li liLead the formalization of the Information Security Management System (ISMS) baseline. /li liProvide status and reports on: ISMS effectiveness and maturity progression, regulatory compliance status (NIS2, CRA, GDPR), risk register evolution and treatment plans, findings and remediation from external audits (CAB, regulatory inspections), internal audit findings on cybersecurity topics and management responses. /li /ul h3Cross-Functional Collaboration /h3 ul liWork closely with the RD Security, Head of IT Department and the Transformation Office to embed security into product, digital and infrastructure initiatives. /li liInterface with Legal, Compliance, and Procurement on risk and contractual matters. /li liPromote awareness and a security culture throughout the organization. /li liSupport HR in obtaining security clearance of resources upon request. /li liCollaborate with Facility on the improvement of physical security. /li /ul h3Lead incident response efforts /h3 ul liDefine and deploy an incident response framework. /li liEnsure post-incident remediation and lessons learned. /li /ul h3Coaching Handover /h3 ul liCoach the Security Officers to take ownership of mitigation actions. Guide the organization to create hands‑on policies and implement procedures and measurable controls. /li liEnsure sustainability of the model through documentation and knowledge transfer. /li /ul h3EXPECTED DELIVERABLES (1-6 MONTHS) /h3 ul liFormalized cybersecurity governance model and documentation /li liPrioritized cybersecurity roadmap ) /li liISO27001 compliance action plan /li liIntegrate NIS2 CRA EU regulation and NIST standards into the ISMS baseline /li liDefined roles, processes and coordination flows for SOC, operational security and project security /li liExecutive-level dashboard for security KPI’s, risks, and progress tracking /li liDefined BCP/DRP action plan /li /ul h3Profile /h3 ul li10-15 years of experience in cybersecurity or information risk management /li liExperience with compliance frameworks (ideally ISO27001) /li liExperience building and maturing an ISMS /li liGreat business acumen with demonstrated leadership in complex organizations /li liStrong interpersonal and communication skills /li liDemonstrated crisis and incident leadership /li liFluent in English, knowledge of another language is an asset /li /ul h3Offer /h3 pBecoming Part of the EVS Team not only means that you will receive a competitive salary in line with your skills and the market, but also a range of other additional wellness and healthcare benefits. Our flexible schedules and hybrid way of working (homeworking) policies will help you preserve your work‑life balance. EVS will give you the tools to develop your skills and your career by giving you the opportunities of internal mobilities and a wide range of trainings. We encourage our motivated talents with a friendly, lively, and inclusive environment. /p /p #J-18808-Ljbffr