Medior IT Security Manager
The role is shared between a regional role for Northern Europe and a local role as IT Security Leader in Belgium. S/he will oversee IT security in the region.
- Previous experience as IT Security Manager
- Extensive knowledge of Security and Risk Frameworks as well as software development
- Fluent in French and English
What you'll do
- Implementing the global IT security strategy
- Building, managing and reporting the IT compliance budget and costs in accordance with Group requirements
- Managing the IT security leaders and experts in the region and the Business units
- Overseeing or managing IT security projects
- Taking over specific global IT compliance topics for the Group if need be
- Managing security services in accordance with Group strategy (e.g. Access management, Authentication, Network / Email / Endpoint Security, DLP)
- Defining, implementing and maintaining the IT Security procedures in the region, inaccordance with Group policies
- Implementing IT security in projects (Security by design: risk analysis, recommendations, control before go live), using Group methodology
- Performing and reporting IT Security risk assessments on IT applications and IT assets to ensure compliance with the group security standards and protect the business
- Implementing security controls on IT services, including penetration testing, code reviews and third-party audit
- Collecting and publishing security KPIs for the region and the Business units
- Following-up zone remediation plan
- Role includes IT resilience and IT compliance, complying with the standard and regulation needed for the business (PCI-DSS, ISO27001, …)
- Promoting IT compliance in the region and be the referent inside the region regarding IT compliance
- Integrating IT compliance requirements or perspective in project and application risk analysis (e.g. GDPR IT related requirements, IT resilience)
- Managing and reporting IT security incident according to Group policy & procedures
- Reports to the Global Chief Information Officer, and under the supervision of the EMEA IT security leader
- Direct reports: Business units IT Security leaders and experts
- Other key relationships: Global IT security team, Regional and BU IT leaders, Application owners, Developers, project managers, IT ops, General managers and business representatives, Data Protection Officer, Architects
- Monitoring our cllien'ts Digital risk in the BU and in the Region (regulatory, governance, IT infrastructure and application)
- Ensuring the implementation of the Group security policies and procedures
- Ensuring our clien'ts Digital systems constantly meet security standards and/or company risk appetite
- Supporting our Client's initiatives around new technologies and bringing in innovation to our Client's IT security practices (Cloud security, DevSecOps approach, …)
Who we're looking for
S/he will be result and performance oriented with a can-do attitude and be able to persuade/influence others in the organization. The IT Security leader needs to build and report the information security risk profile of the Region.
As a manager, specialized in information security, the IT Security leader, requires strong communication skills. The ability to engage various stakeholders with passion and conviction to persuade others that security is paramount and not just an option.
Manager posture as well as relevant technical skills are essential to ensure credibility within the Company.
- 5 years of experience as Information security manager and expert in a still growing, evolving international matrix environment. Experience should ideally have been gained in large and complex international organizations where security is a critical capability. S/he will have demonstrated experience building trusted relationships in the organization, based on competence and credibility rather than authority. Experience in project management and procedure implementation, maintenance and monitoring will be appreciated.
- Extensive knowledge of Security and Risk Frameworks as well as software development best practices. Additionally, s/he will have deep understanding of the cybersecurity threats and stakes. That experience will have been acquired within forward-thinking / modern organizations, operating preferably with public cloud (AWS/Azure) and eCommerce platforms.
- Professional security management certification is a plus e.g. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials. Experience in certification, security standard or regulatory program (e.g. ISO27001, PCI-DSS, NIST, CIS, GDPR, DSP2, …) is also a plus.
- Fluent in French and English
CRITICAL LEADERSHIP CAPABILITIES
Collaborating and Influencing
- Invites and uses the opinions and perspectives of others across the organization
- Adapts own approach to the audience, anticipating issues, preparing for possible resistance to proposed solutions and responding in an appropriate style to reach a mutual agreement
- Resolves conflicts by discussing individual issues with each person
- Works closely with various business unit IT leaders and application owners to ensure a common understanding of objectives.
- Takes initiative and proactively engages with the Business units, rather than being reactive to their demands.
- Accepts input from a wide range of perspectives in a highly international context.
- Promotes diversity of views, such as diversity from thoughts, background, experience and process, in headquarter and subsidiaries.
What you'll get
- A full-time CDI contract with a competitive salary & full package. (Car, insurance,...)
- Our client is a renowned company, located in the heart of Brussels