As part of strengthening the cybersecurity requirements imposed by the European NIS2 directive, CHU Brugmann wishes to engage, for a temporary assignment, a senior consultant acting in the role of CISO (Chief Information Security Officer).

The objective is to benefit from proven cybersecurity expertise for 6 months, in order to:

• Lead the launch of the NIS2 compliance program,
• Structure the foundations of robust security governance tailored to the hospital sector,
• And prepare the transition towards the future recruitment of a permanent internal CISO.

Main Objective

Implement and coordinate the NIS2 compliance program for CHU Brugmann, while sustainably structuring the functions of governance and management of information security.

Tasks and Responsibilities

Cybersecurity Governance:

• Assume the function of temporary operational CISO
• Clarify cyber roles/responsibilities
• Formalize the necessary policies (ISO 27001, NIS2, GDPR)

NIS2 Compliance:

• Perform a current state assessment and maturity evaluation
• Develop a prioritized action plan
• Coordinate internal stakeholders and suppliers

Risk Management:

• Map IT and OT risks
• Update the institutional risk analysis
• Provide security expertise to ongoing projects

Operational Security Management:

• Monitor security audits
• Manage critical incidents
• Recommend or initiate a detection system (SOC, MSSP)

Compliance and Awareness:

• Work closely with the DPO
• Support IT teams and business units
• Produce the reports expected by management and authorities

Reporting:

• Build an NIS2 dashboard
• Formalize compliance documents
• Ensure traceability and evidence of implementation

Additional Information:

• The mission can be extended for a maximum duration (including the initial period) of: 880 working days