Expanding steadily since its launch in 2003, the ACENSI group is an IT consultancy firm, well known for their technical and functional know‑how, who specialize in Telecommunications, Media and Financial Markets, as well as in the Energy industry. ACENSI guides businesses in evolutionary IT projects from the initial strategies through to their realization (Management and Project management, Development, Design and Implementation, Infrastructure). From its original focus on technical engineering and Business Analysis, ACENSI has developed new areas of expertise in Human Resource Management Systems, Business Intelligence, e‑learning and Client Relationship Management. Dynamism, enthusiasm and social development are all valued at ACENSI, allowing our clients to benefit from consultants with a true blend of talents.
ACENSI BELGIUM is looking for his client an CISOaas Consultant (F/M/X).
The CISO function is responsible for maintaining oversight and control of the cybersecurity posture of the client’s subsidiaries. To ensure subsidiaries reach an acceptable security maturity level and comply with Belgian and EU regulations (notably DORA), the client is reinforcing its CISO‑as‑a Service (CISOaaS) team. The objective is to support subsidiaries in strengthening governance, risk management, regulatory alignment, and execution monitoring.
Mission Overview
As a CISOaaS Consultant for the client, you will:
* Assess the cyber risk posture of subsidiaries.
* Develop multi‑year cybersecurity strategies and roadmaps.
* Ensure regulatory compliance (DORA, NIS2, EBA/ECB guidelines).
* Deliver executive‑level reporting and communication.
The role requires translating regulatory and technical complexity into pragmatic, business‑oriented action plans supported by clear reporting to Senior Management.
Key Responsibilities
* Assess and articulate the cybersecurity risk exposure of the client’s subsidiaries.
* Raise awareness at management level regarding risk gaps and maturity deficiencies.
* Translate technical findings into business‑relevant impact statements.
Cybersecurity Strategy & Roadmap
* Support subsidiaries in developing a multi‑year cybersecurity strategy aligned with:
o The client’s security standards.
o Belgian and EU regulatory frameworks (DORA, NIS2, etc.).
* Define prioritized remediation and investment plans.
* Ensure alignment between entity initiatives and the client’s central security expectations.
Regulatory & Framework Alignment
* Map EU regulatory requirements to concrete security controls.
* Break down regulatory complexity into actionable remediation steps.
* Ensure alignment with:
o DORA.
o NIS2.
o ISO 27001.
o NIST CSF.
Governance & Execution Follow‑up
* Track remediation actions and ensure structured follow‑up.
* Identify risks, delays, and blockers; facilitate resolution.
* With the client’s central security teams.
* With third‑party service providers.
Tactical Security Advisory (Preferred)
* Provide hands‑on guidance where needed on cloud security (AWS/Azure architectures).
* SIEM / EDR deployment & threat intelligence.
* Network security fundamentals.
* Vulnerability and patch management.
Executive Reporting
* Consolidate entity inputs into high‑quality executive deliverables.
* Prepare structured reports suitable for Senior Management.
* Develop communication materials supporting decision‑making within the client’s organization.
Required Profile Education
* Master’s degree (or equivalent by experience).
Certifications
* Cloud certifications (CCSP, Azure/AWS Security Specialty) are a plus.
Experience Requirements
* Proven experience designing and implementing enterprise security programs in regulated environments.
* Strong expertise in EU regulatory frameworks (DORA, NIS2, EBA/ECB).
* Strong working knowledge of ISO 27001 and NIST CSF.
Core Competencies
* Strong analytical and deductive reasoning.
* Ability to map regulations to operational security measures.
* Structured, outcome‑driven, and proactive mindset.
* Ability to communicate effectively across C‑level and technical audiences.
* Capacity to operate in complex multi‑entity environment.
#J-18808-Ljbffr