Chief Information Security Officer

The Chief Information Security Officer (CISO) is a vital role responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. The CISO will be a senior leader responsible for handling the strategy, operations, and budget for the protection of the enterprise information assets and for managing that program.

· Develop and implement NOZ's information security strategy and roadmap by building robust security architecture and policies based on business needs, risk assessments, and regulatory requirements.

· Define security policies, standards, and procedures aligned with business objectives and industry best practices.

· Assess emerging threats and trends and adjust security strategies accordingly.

· Identify, evaluate, and prioritize security risks across the organization.

· Develop and maintain a risk management framework to mitigate risks effectively.

· Manage the risk management program through planning, developing, coordinating, and implementing information technology disaster recovery and business continuity planning.

· Oversee the design, implementation, and maintenance of security controls, technologies, and processes.

· Coordinate incident response activities and lead efforts to mitigate security incidents.

· Conduct regular security assessments and audits to ensure compliance and effectiveness.

· Ensure compliance with relevant laws, regulations, and industry standards, where required (e.g., GDPR, HIPAA, ISO

· Establish and maintain governance structures to support effective information security management.

· Liaise with internal and external auditors and regulators in reviewing special investigations results, internal audits, research studies, forecasts, and modelling exercises to provide direction and guidance.

· Develop and deliver security awareness programs to educate employees about their roles and responsibilities in maintaining security.

· Provide training to IT staff and other relevant stakeholders on security best practices.

· Establishes budget planning, controls, and monitors expenditures to comply with budget indicators.

· Execute all other tasks assigned by the Head of Department and Management.

· Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field.

· Master's Degree in a relevant discipline is preferred.

· Minimum of 10-15 years of experience in a combination of risk management, information security, and IT jobs.

· At least 5-10 years in senior management role in an information security function.

· Recognized information security certification (CISSP, CISM, etc.).

· Language: professional English and French

· Business Orientation; understanding Business Operations; adherence to Strategies; having positive behavior and attitude along with team spirit.

· Strong understanding of cybersecurity principles, frameworks, and technologies, including but not limited to NIST, ISO, CIS Controls, SIEM, IDS/IPS, DLP, encryption, and cloud security.

· Excellent leadership, communication, and interpersonal skills, with the ability to collaborate effectively across departments and influence stakeholders at all levels of the organization. Ability to Present and Work with C-Level Executives.

· Strong analytical and problem-solving skills, with the ability to make risk-based decisions in a fast-paced environment. This includes being results-oriented, having perseverance in achieving results.

· Proven ability to lead, develop and manage a diverse team of cybersecurity professionals.

· Planning and Organization - adherence to deadlines, ability to manage time and to prioritize Activities.

· Innovative, strategic thinking as well as solution Focus.