Purpose of the role & positioning

As Chief Information Security Officer (CISO), you hold ultimate responsibility for designing, implementing, monitoring, and adjusting the information security strategy. You safeguard the organization’s protection against internal and external threats and ensure that security is structurally embedded in operations and decision-making. You report directly to the Administrateur-Generaal and have hierarchical authority over the cybersecurity staff member(s). In addition, you provide substantive direction and advice to various teams and key roles within the organization.

Strategy, governance & risk management

You develop, implement, and maintain the information security policy, procedures, and guidelines, with particular attention to compliance with relevant legislation and standards (including GDPR/NIS2 and ISO/IEC 27001). You organize risk and impact analyses of security measures and translate risks into concrete mitigations, priorities, and a feasible roadmap.

Incident management & continuity

In the event of security incidents, you take the lead in the incident response process: from detection and analysis to containment, recovery, and reporting. Where necessary, you coordinate forensic investigations and ensure that corrective and preventive measures are documented, executed, and followed up.

Awareness & culture

You build strong security awareness by setting up and implementing training and awareness programs for employees and other stakeholders. You evaluate their effectiveness and make adjustments where necessary.

Architecture, technology & processes

On a technical level, you direct the development and management of the security architecture (network, application, and data security). You select and implement appropriate security technologies and tools, and establish sustainable processes (e.g., IAM) to ensure ongoing security.

Compliance, audit & reporting

You coordinate internal and external audits and ensure continuous compliance with relevant security standards. You provide clear reporting to the Board of Directors, auditors, and regulatory authorities, and identify areas for improvement to further increase the maturity of information security.

Collaboration & stakeholder management

You are the central point of contact for information security. You work closely with IT, legal affairs, HR, and operational teams to anchor the security strategy across the organization. In addition, you maintain contacts with external partners within Social Security and with regulatory agencies.

Language requirements:

One of the two national languages is your mother tongue. You must be able to read and understand the other national language at a minimum. Knowledge of English is also required.

Work regime:

Hybrid, specifically 2 days per week in the office and 3 days remote working