Description
Easi aims to move to the next level in terms of cybersecurity and information governance. The ambition is now to structure, professionalize, and further develop the CISO function.
This role represents a true strategic challenge, offering strong autonomy and a direct impact on the business, clients, and regulatory compliance.
We are looking for an experienced CISO profile or a technical professional willing to grow into this role, ideally coming from similar-sized organizations (100+ employees) operating in sectors handling sensitive data (medical, pharma, financial services, etc.).
And if this job excites you, you might as well join Belgium’s Best Workplace since 2015! 😉
Responsibilities
Governance & ISMS
- Manage, maintain, and continuously improve the ISMS (ISO 27001).
- Oversee information security and ensure the implementation of Easi’s recommendations.
- Review and supervise information security policies and procedures (the CISO does not necessarily draft everything but ensures their existence, consistency, and proper implementation).
Risk & Incident Management
- Define and implement the appropriate tools for:
  - Risk monitoring and assessment
  - Security incident management
  - Change request management
- Ensure structured and rigorous follow-up of these elements.
Clients & Communication
- Respond to client requests related to information security.
- Implement a scalable organization to reduce operational workload:
  - Security FAQ
  - Chatbot or similar tools for recurring questions
- Clearly explain how data is managed and protected at Easi.
Regulatory Compliance & Monitoring
- NIS2: Lead compliance efforts (Easi being considered an essential entity).
- Ensure continuous regulatory and legal monitoring: NIS2, Cyber Act, AI Act, DORA, etc.
- Understand and anticipate new regulatory requirements.
Business & Security Alignment
- Understand business needs and ensure that security does not hinder operations while guaranteeing an adequate level of protection.
- Participate in information security meetings with internal stakeholders.
Profile
Must-have:
- Ideally 5 years of experience managing ISO 27001.
- Strong knowledge of NIS2.
- Autonomous profile, with a strong sense of ownership of the CISO role.
- Very good level of English.
- Organized and detail-oriented personality, with particular attention to risk and incident follow-up.
- Ability to clearly explain how they stay up to date with regulatory and normative developments.
- Excellent written and verbal communication skills.
Nice-to-have:
- Knowledge of or experience with DORA.
- ISO 27001 Lead Implementer and/or Lead Auditor certification.
- Previous experience implementing ISO 27001 within an organization.
- Trilingual profile: FR, NL & EN.
- Technical background appreciated (e.g., former System Engineer).
Benefits
Competitive salary package with fringe benefits:
- Company car with fuel and/or charging card for unlimited use in Belgium
- Meal vouchers
- Eco-vouchers
- Hospitalization insurance Alan: innovative, transparent and paperless health partner. Ability to add outpatient and dental insurance (specialists, doctors, dentists,...) at a lower cost than if taken separately
- Group insurance
- Mobile phone subscription
- Seniority days
- Platform for converting the end-of-year bonus into additional, personalised benefits
A fun and stimulating work environment:
- Transparent communication
- Modern, wellbeing-oriented offices
- A young, dynamic and forward-looking management
- Events: business trips abroad, sports and team building events, gala evenings, etc.
- Fresh fruit, free breakfast once a month, gaming room (darts, PlayStation, board games, kicker table,...), afterwork every Friday, and ... strong coffee ;-)
Opportunities:
- Opportunity to grow rapidly, both vertically and horizontally
- Possibility to become shareholder after 3-4 years