Departementale Chief Information Security Officer (CISO)

Role purpose: Lead and govern departmental information security to protect confidentiality, integrity, and availability of data and services, ensuring compliance with relevant laws, policies, and risk standards., * Define and maintain the departmental information security strategy, roadmap, and security governance framework.

• Own the information security risk management process, including risk assessments, treatment plans, and reporting to leadership.
• Establish and oversee security policies, standards, and controls across IT, cloud, and third-party services.
• Coordinate incident response, crisis management, and post-incident reviews; drive continuous improvement.
• Ensure compliance with applicable regulations and internal policies; support audits and remediation activities.
• Manage security awareness and training programs to improve security culture and reduce human risk.
• Oversee security monitoring, vulnerability management, and secure architecture principles in projects and operations.
• Lead stakeholder collaboration with IT, legal, privacy, procurement, and external partners.

• Information security leadership: proven experience setting strategy, influencing executives, and driving cross-functional execution.
• Risk & compliance: strong knowledge of security frameworks (e.g., ISO 27001/27002, NIST) and audit readiness.
• Technical breadth: understanding of networks, identity and access management, cloud security, and secure development practices.
• Incident management: ability to lead response coordination and decision-making under pressure.
• Communication: clear reporting, policy writing, and stakeholder management.