CERBA HEALTHCARE
Group Chief Information Security Officer H/F
CERBA HEALTHCARE, Ghent, New York, United States,
Group Chief Information Security Officer H/F
Key Responsibilities Establish and maintain the cybersecurity governance structure Provide regular reporting on the status of the cybersecurity program Develop, socialize and coordinate approval and implementation of security policies Direct the creation of a targeted cybersecurity awareness training program for all employees Advise on the cyber risk posture of the organization, including the mandatory application of controls Coordinate security programs globally and mobilize employees in all locations Lead the Organization Lead the cybersecurity function across the company Determine the cybersecurity approach and operating model in consultation with stakeholders Manage an effective cybersecurity organization, consisting of direct reports and dotted line reports Define and facilitate the processes for cybersecurity risk and for legal and regulatory assessments Ensure that security is embedded in the project delivery process by providing the appropriate cybersecurity policies, practices and guidelines Manage and contain cybersecurity incidents and events to protect corporate IT assets, intellectual property, regulated data and the company's reputation Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action Develop and oversee effective resilience policies and standards Coordinate the development of implementation of incident response plans and procedures Facilitate and support the development of asset inventories, including information assets in cloud services and in other parties in the organization's ecosystem Set the Strategy Develop a cybersecurity vision and strategy Develop, implement and monitor a strategic, comprehensive cybersecurity program to ensure appropriate levels of confidentiality, integrity, availability of information assets owned, controlled or/and processed by the organization as well as the meeting of safety, privacy, reliability and resilience requirements as needed Work effectively with business units to facilitate cybersecurity risk assessment and risk management processes Build the Network and Communicate the Vision Create the necessary internal networks Build and nurture external networks consisting of industry peers, ecosystem partners, vendors and other relevant parties to address common trends, findings, incidents and cybersecurity risks Liaise with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies Liaise with the enterprise architecture team to build alignment between the security and enterprise (reference) architectures Profile
Demonstrated experience and success Master’s degree in computer science, engineering, or a relevant field Minimum of 15 years of experience in information technology and data management, with a proven track record as Chief Information Security or in a similar managerial role within an international environment Preferably, knowledge of the Life Science environment Excellent organizational and leadership skills, with a proven ability to effectively lead and manage teams Strong managerial qualities coupled with strategic vision and a business mindset to define the Information Security roadmap and execution plan Extensive knowledge of IT systems, data and infrastructure Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework Sound knowledge of business management and a working knowledge of cybersecurity risk management and cybersecurity technologies Experience in managing IT systems and large company-wide projects Financial/budget management, scheduling and workforce management Languages : Fluent in English and French ideally Location : Ghent, Paris or Rotterdam preferably Reporting : The position will report to the Group CIO Contract
CDI Full-time Postal Code
92130 5 - Master
#J-18808-Ljbffr
Key Responsibilities Establish and maintain the cybersecurity governance structure Provide regular reporting on the status of the cybersecurity program Develop, socialize and coordinate approval and implementation of security policies Direct the creation of a targeted cybersecurity awareness training program for all employees Advise on the cyber risk posture of the organization, including the mandatory application of controls Coordinate security programs globally and mobilize employees in all locations Lead the Organization Lead the cybersecurity function across the company Determine the cybersecurity approach and operating model in consultation with stakeholders Manage an effective cybersecurity organization, consisting of direct reports and dotted line reports Define and facilitate the processes for cybersecurity risk and for legal and regulatory assessments Ensure that security is embedded in the project delivery process by providing the appropriate cybersecurity policies, practices and guidelines Manage and contain cybersecurity incidents and events to protect corporate IT assets, intellectual property, regulated data and the company's reputation Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action Develop and oversee effective resilience policies and standards Coordinate the development of implementation of incident response plans and procedures Facilitate and support the development of asset inventories, including information assets in cloud services and in other parties in the organization's ecosystem Set the Strategy Develop a cybersecurity vision and strategy Develop, implement and monitor a strategic, comprehensive cybersecurity program to ensure appropriate levels of confidentiality, integrity, availability of information assets owned, controlled or/and processed by the organization as well as the meeting of safety, privacy, reliability and resilience requirements as needed Work effectively with business units to facilitate cybersecurity risk assessment and risk management processes Build the Network and Communicate the Vision Create the necessary internal networks Build and nurture external networks consisting of industry peers, ecosystem partners, vendors and other relevant parties to address common trends, findings, incidents and cybersecurity risks Liaise with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies Liaise with the enterprise architecture team to build alignment between the security and enterprise (reference) architectures Profile
Demonstrated experience and success Master’s degree in computer science, engineering, or a relevant field Minimum of 15 years of experience in information technology and data management, with a proven track record as Chief Information Security or in a similar managerial role within an international environment Preferably, knowledge of the Life Science environment Excellent organizational and leadership skills, with a proven ability to effectively lead and manage teams Strong managerial qualities coupled with strategic vision and a business mindset to define the Information Security roadmap and execution plan Extensive knowledge of IT systems, data and infrastructure Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework Sound knowledge of business management and a working knowledge of cybersecurity risk management and cybersecurity technologies Experience in managing IT systems and large company-wide projects Financial/budget management, scheduling and workforce management Languages : Fluent in English and French ideally Location : Ghent, Paris or Rotterdam preferably Reporting : The position will report to the Group CIO Contract
CDI Full-time Postal Code
92130 5 - Master
#J-18808-Ljbffr