CHIEF INFORMATION SECURITY OFFICER (CISO) / HEAD OF SECURITY
Wibx
Barcelonne, France
Remote
€50,000 - €100,000
11 months ago
Job Type
full time
Description
## Your responsibilities
We are seeking a highly experienced and strategic **Chief Information Security Officer (CISO)** to lead and oversee the organization’s **global cybersecurity strategy**, policies, and governance. The CISO will play a pivotal role in protecting the company's critical assets, including information systems, networks, intellectual property, and data across all business units and subsidiaries.
This executive position will also be responsible for **coordinating the certification and compliance efforts of the company's subsidiaries**, ensuring alignment with group-wide cybersecurity standards and regulatory requirements.
**Key Responsibilities**
**Cybersecurity Strategy & Governance**
* Develop, implement, and maintain a **comprehensive cybersecurity strategy** aligned with business objectives and risk appetite.
* Maintain the **Information Security Management System (ISMS)** for the group.
* Establish policies, standards, and frameworks to **continuously improve the company’s security posture**.
**Risk Management & Asset Protection**
* Identify, evaluate, and mitigate **cybersecurity risks** across the organization and its subsidiaries.
* Conduct regular **security risk assessments** and penetration testing to protect systems and data.
* Lead efforts to secure **critical infrastructure, proprietary data, and operational technologies**.
**Subsidiary Certification & Alignment**
* Coordinate and oversee the **cybersecurity certification processes** (e.g., ISO 27001, NIS2, DORA) across all subsidiaries.
* Support local managers to ensure **harmonization of security standards** across the group.
* Monitor subsidiary compliance with group policies, legal and regulatory frameworks.
**Incident Response & Threat Management**
* Build and lead a **Security Operations Center (SOC)** and incident response team.
* Build and lead a **Vulnerability Operations Center (VOC)**.
* Drive **Cyber Crisis Simulation Exercises**.
* Develop and execute **incident response plans** and forensics capabilities.
* Stay up to date with **emerging threats**, vulnerabilities, and regulatory changes.
**Awareness, Training & Culture**
* Promote a strong **security culture** within the organization.
* Define and implement **security awareness training** programs for all employees.
* Serve as the internal advocate for security best practices.
**Stakeholder Communication & Reporting**
* Report regularly to **executive leadership** and the **Board of Directors** on cybersecurity risks, incidents, and compliance status.
* Act as the key contact for **external auditors, regulators, and partners** regarding information security matters.
## Your skills
**Education**
* Master's degree in Computer Science, Cybersecurity, or related field.
* Relevant certifications preferred: **CISSP, CISM, CISA, ISO 27001, SANS/GIAC**.
**Experience**
* **10+ years** in information security.
* Proven experience in **security governance, risk management**, and **regulatory compliance** (e.g., ISO 27001, GDPR, NIS2).
* Strong background in IT infrastructure.
**Skills**
* Deep knowledge of **threat landscapes, incident response, mitigation strategies**.
* Familiarity with security frameworks: **ISO 27001, NIST, CIS Controls, OWASP**.
* Capable of leading **security audits, penetration tests, BCP/DRP**, and compliance assessments.
* Understanding of **legal and regulatory cybersecurity issues**.
**Soft Skills & Leadership**
* Strong **leadership and team management** skills.
* Excellent communicator, able to engage both technical teams and executive leadership.
* Strategic thinker, able to align **security vision with business goals**.
* Analytical mindset, crisis management, and prioritization skills.
**Languages**
* **Professional English** (spoken and written) required for international communication.
This job is found at InterviewStack.io
Skills
penetration testing, gdpr, risk management, regulatory compliance, risk assessment, intellectual property, incident response, security operations, team management