As Chief Information Security Officer (CISO), you fulfill a crucial leadership role at Fedasil: you protect the organization against cyber threats and ensure the resilience of the IT environment and its processes.

The CISO is responsible for information security and IT resilience at Fedasil. They are the guarantor of the confidentiality, integrity, and availability of data. The CISO also defines and leads the strategy and governance regarding IT security at both operational and regulatory levels, particularly in compliance with NIS2 legal requirements and GDPR. The CISO acts as an important link between the executive management, the DPO, the ICT department, and the federal authorities.

Profile:

• Minimum of 10 years of experience in enterprise IT with at least 5 years of experience in information systems security (operational or organizational)
• Good knowledge of technical means for protecting IT infrastructure and data (firewall, anti-virus, encryption, ...)
• Knowledge of the operating principles of enterprise IT infrastructure components (Microsoft EntraID, IAM, client/server architecture, network technologies)
• Ability to balance cybersecurity risks with operational and business priorities
• Ability to communicate analyses or decisions in terms of business risks for Fedasil
• One of the following certifications is desired: CISSP – CISM – CISA – ISO27001 – ISO27005
• Good knowledge of the NIS2 directive as well as international information security standards.

Roles:

• Takes charge of federal audits regarding IT security
• Writing and monitoring security policies and procedures
• Identifies, evaluates, and reports IT risks to Management
• Strengthens cybersecurity culture and awareness among employees
• Manages security incidents with the IT department as well as communication with Management and federal authorities
• Organizes and/or performs periodic checks on implemented security measures
• Main point of contact for cybersecurity with federal authorities

Education:

Master’s degree in Computer Science, Information Systems Security, or Engineering Sciences.