Chief Information Security Officer

Mission Overview:

The role is for a consultancy mission at a client site through Keystone Solutions. Our client, a leading healthcare institution, is seeking a Senior Chief Information Security Officer (CISO) to enhance their cybersecurity framework in line with the directives imposed by the European NIS2 legislation.

Key Responsibilities:

The successful candidate will perform the following responsibilities as a Keystone Solutions consultant, working closely with the client:

Cybersecurity Governance:
- Serve as the temporary Chief Information Security Officer (CISO)
- Clarify cybersecurity roles and responsibilities
- Formalize necessary policies (ISO 27001, NIS2, GDPR)

Compliance with NIS2:
- Conduct a current state analysis and a maturity assessment
- Develop a prioritized action plan
- Coordinate internal stakeholders and suppliers

Risk Management:
- Map IT and OT risks
- Update institutional risk analysis
- Provide security expertise to ongoing projects

Operational Security Management:
- Oversee security audits
- Manage critical incidents
- Recommend or initiate a detection system (SOC, MSSP)

Compliance and Awareness:
- Collaborate closely with the Data Protection Officer (DPO)
- Support IT teams and business units
- Produce reports required by management and authorities

Reporting:
- Build a NIS2 dashboard
- Formalize compliance documents
- Ensure traceability and evidence of implementation

Skills:

• Security Architecture and Urbanization 
• IT and Cyber Risk Management 
• Security Governance
• Familiarity with NIS2 or ISO 27001 
• Operational Cybersecurity Management 
• Strategic Vision & Roadmap 

Language Proficiency:

• Dutch or French - Native or bilingual proficiency.
• English - Professional working proficiency.

Key Questions:

• Do you have a proven track record in cybersecurity management?
• Have you previously defined a security plan for NIS2 or ISO 27001?
• Can you elaborate on this experience?
• Do you have an in-depth understanding of NIS2 specifications?
• Are you familiar with the compliance requirements for hospitals under NIS2?
• Can you describe your approach to defining a Cyber plan for compliance at an Essentials level?
• Can you confirm your availability to be onsite 4 days a week (potentially non-consecutively)? If your answer is negative, the application will be automatically rejected (exclusion criterion).

If you are ready to tackle technical and strategic challenges in a dynamic consultancy environment, apply today at Keystone Solutions Career Portal.