The Cybersecurity Program Manager leads the implementation of the cybersecurity strategy at the OTW level. He/she is responsible for planning, coordinating, and monitoring initiatives aimed at strengthening the security posture, relying on the CCB’s Cyber Fundamentals framework and with the objective of NIS2 certification.

Reporting directly to the manager of the IT transversal support department, he/she acts as the conductor of the cybersecurity program, ensuring alignment with the organization’s strategic priorities, consistency of technical projects, and regulatory compliance.

We are seeking a hybrid profile: both structuring and operational, capable of formalizing a roadmap, managing cross-functional actions, but also producing the expected concrete deliverables, notably a reference document aligning NIS2 requirements with the measures already implemented (security registry).

Mission Objective

Preparation for NIS2 certification:

• Define objectives, planning, and approach.

Define and manage the cybersecurity roadmap:

• Identify security priorities.
• Develop multi-year action plans.

Coordinate security projects:

• Supervise the implementation of technical solutions carried out by operational project teams.
• Ensure consistency between different projects and their integration into the IT ecosystem.

Manage risks and compliance:

• Conduct risk analyses.
• Monitor regulatory requirements (NIS1, GDPR, etc.).

Lead cybersecurity governance:

• Organize steering committees.
• Produce dashboards and performance indicators.

Raise awareness and support stakeholders:

• Promote a culture of security.
• Train business and IT teams in best practices.

Analytical and Decision-Making Skills

• Ability to analyze complex environments.
• Rapid, objective, and evidence-based decision-making.
• Prioritization of actions according to impact and criticality, taking into account capabilities and ongoing projects.
• Technology watch: Monitoring trends, threats, and innovations in cybersecurity.
• Hybrid profile able to reconcile strategic management and operational execution.
• Ability to produce a documented, structured, and actionable NIS2 compliance reference (security measures registry).
• Proficiency in producing concrete and actionable deliverables, in line with regulatory requirements and internal IT practices.

Interpersonal Skills

Leadership: motivate and coordinate multidisciplinary teams.

Communication: explain technical topics to non-technical audiences.

Change management: support the organization in adopting good security practices.

Expected Deliverables

• Validated cybersecurity roadmap (1 year after 3 months, 3 years after 6 months).
• Risk management plan.
• Project progress reports.
• KPI tracking dashboards.
• Compliance documentation.