Description
Intuition IT is looking for an Information Security Officer for an exciting client in Brussels.
Main responsibility: guarding the vision, developing the strategy and implementing the program within the organization (including its subsidiaries) to secure the assets adequately.
1. The impact of the Information Security Manager extends across the entire enterprise (including subsidiaries).
2. assets means information (paper, electronic) and data, IT resources (networks, hardware, applications)
Focus
1. ISMS (Information Security Management)
- Provide strategic and tactical information security (non-technical) guidance for IT and non-IT projects.
- Actively monitoring the various cyber security intelligence dashboards (eg. Qualys reporting, Secunia vulnerability management, IBM Core Protection patch status, CyberArk PAM metrics, ...) and initiate appropriate corrective action within the IT organization.
- The triage of the CISO mailbox within the Cyber and Information Security Office
- Monitoring of predefined actions of internal and external IT audits within the IT organization and monthly feedback to IT management and Internal Audit.
2. Governance, Policies & Awareness - key performance indicators around approved PSPG
- drafting, get approved, communicate, make compliant and check PSPG (policies, standards, procedures and guidelines) around cyber security and data protection according ISO2700x and legal privacy regulations.
3. Reporting
- Preparing quarterly rapports.
- Drafting, preparing and monitoring of status reports (progress, budget, resources, planning, project templates) on these initiatives at senior management level.
- Drafting, preparing and following up reports on cybersecurity findings from the dashboards.
4. Monitoring of IT Compliance
- The establishment and maintenance of an IT audit and IT compliance framework, in line with legal requirements or strategic IT objectives.
- Establish close cooperation with the Data Protection Officer and the Information Risk Manager (~ identify risks) to audit findings and compliance exchange infringements.
- Performing IT audits and IT compliance commands - to determine defects or breaches - based on the information security and data protection policies and Information risk management processes.
- The administrative follow-up of outstanding IT audit recommendations.
Knowledge
Fluency in Dutch/French and English
Strong knowledge of MS Office
Strong knowledge of ISO2700x Standard
Certificates: CISSP, CISM of CISA
Start: latest in June
Duration: long term.