Cisco Officer - Job Description
Main Activities:
Information Security Management:
Identifies security protection objectives and metrics in accordance with CISO strategic plan and priorities
actively maintains an information security management system (ISMS) in accordance with
International Standards (Imposed)
is responsible for actively monitoring and completing the various CISO dashboards as well as other sources
of information in the CISO universe and implements appropriate corrective measures within the IT
organization
ensures the sorting of emails received in the CISO inbox within the Cyber & Information Security Office
tracks defined actions of internal and external IT audits within the IT organization and provides monthly
feedback to IT management as well as the client's internal audit department
IT compliance monitoring:
establishes and maintains an IT compliance and audit framework in compliance with legal requirements or
strategic IT objectives
collaborates closely with the Data Protection Officer and the Information Risk Manager (risk identification) to
share audit findings and compliance violations
carries out IT audits and compliance engagements – based on information security and data protection
policies and information risk management processes – to identify breaches and violations
facilitates the writing of conclusions, both at a high (executive summary) and technical level
(architects/engineers/developers), including proposal of mitigation scenarios
ensures administrative follow-up of recommendations arising from the IT audit which have not yet been put
in place
Knowledge development:
stays informed of new developments in CISO fields and reviews how to apply them within the client's
organization
stays informed of new security threats, market developments, technologies, relevant legislation, IT technical
developments and other security-related issues
attends continuing basic training, seminars, etc.
CRITERIA:
Area of responsibility:
Information Security Management
Information Risk Management
CISO Security Solutions & Services team
Information security and data protection governance, policies and awareness
Coordination and management of one or more projects and one or more initiatives within the department of
information security
Reporting on CISO domains and security findings
IT compliance monitoring
Updating and expanding your knowledge
Problem solving:
Be able to convert the CISO strategic plan into objectives, indicators, actions, etc.
Be able to execute several projects in parallel
As part of projects, be able to distribute activities between several people
Be able to draft and implement frameworks, procedures, policies, standards and awareness programs
Analyze security incidents and be able to propose solutions – which are sometimes not obvious
Carry out correct risk assessments
Prepare and give presentations to senior management and management
Be able to keep knowledge up to date within a field governed by a rapid evolution curve (trends,
technologies, etc.)
Demonstrate autonomy in managing your projects and project teams and in handling
questions/complaints/incidents
Comply with the information security policy and vision, the CISO strategic plan, the ISO2700x standard,
current legislation (GDPR, NKI, NIS, etc.) and international standards
Call on the manager in the event of escalations, to examine incidents, validate project plans,
budgets, resources and reports (intermediate)
Languages:
Knowledge of French, Dutch and English (oral and written)