As part of strengthening cybersecurity requirements imposed by the European NIS2 directive, CHU Brugmann wishes to hire, for a temporary assignment, a senior consultant acting as CISO (Chief Information Security Officer).

The objective is to benefit from proven cybersecurity expertise for 6 months, in order to:

• Lead the launch of the NIS2 compliance program,
• Structure the foundations of robust security governance adapted to the hospital sector,
• And prepare the transition towards recruiting a future permanent internal CISO.

Main objective

Implement and coordinate the NIS2 compliance program of CHU Brugmann, while sustainably structuring the governance and management functions of information security.

Missions and responsibilities

Cybersecurity governance:

• Ensure the function of temporary operational CISO
• Clarify cyber roles/responsibilities
• Formalize the necessary policies (ISO 27001, NIS2, GDPR)

NIS2 compliance:

• Conduct a status assessment and maturity evaluation
• Develop a prioritized action plan
• Coordinate internal stakeholders and suppliers

Risk management:

• Map IT and OT risks
• Update the institutional risk analysis
• Provide security expertise to ongoing projects

Operational security management:

• Monitor security audits
• Manage critical incidents
• Recommend or initiate a detection solution (SOC, MSSP)

Compliance and awareness:

• Work closely with the DPO
• Support IT and business teams
• Produce reports expected by management and authorities

Reporting:

• Build an NIS2 dashboard
• Formalize compliance documents
• Ensure traceability and evidence of implementation

Additional information:

• The assignment may be extended for a maximum duration (including initial duration) of: 880 working days