CISO (m/w/d)

Social network you want to login/join with:

HIMA GROUP – WHERE TALENT MEETS TECHNOLOGY

Together, we are creating the future of digital safety.

Build and lead the Cybersecurity Department
Establish modern organizational structures and processes to strengthen our security posture.

Develop and enforce global security policies and standards
Implement and maintain frameworks such as ISO 27001 and NIST across the organization.

Coordinate ISO 27001 certification audits
Manage external audit processes and ensure timely remediation of findings.

Conduct continuous risk assessments
Identify, evaluate, and mitigate risks to ensure confidentiality, integrity, and availability of information.

Redesign the Security Operations Center (SOC)
Enhance incident response procedures, escalation protocols, and post-incident reviews.

Promote a strong security culture
Lead global awareness campaigns, phishing simulations, and targeted training for both technical and non-technical staff.

Design and test Business Continuity and Disaster Recovery plans
Ensure readiness and resilience through comprehensive planning and regular testing.

Lead cross-functional crisis management exercises
Facilitate simulations to improve organizational response capabilities.

Manage third-party risk
Assess vendors, integrate security clauses into contracts, and monitor ongoing compliance.

Report to executive leadership
Prepare and present regular updates on security posture, key performance indicators, and budget utilization.

Lead strategic security initiatives
Drive enterprise-wide projects to enhance information security and risk management.

IDEAL EXPERIENCE BACKGROUND

8–12 years in information security roles, with at least 3 years in a senior leadership position

Proven track record implementing and managing ISO 27001 or equivalent ISMS in a global, matrix-driven organization

Hands-on experience with SOC setup/optimization, SIEM/SOAR platforms, and incident response orchestration

Deep familiarity with cloud security controls (Azure, GCP or AWS) and Zero Trust principles

Demonstrated success leading large, cross-border projects and engaging regulators/third-party auditors

CRITICAL LEADERSHIP SKILLS

Strategic Vision: Translate business objectives into a clear, multi-year security roadmap

Risk-Based Decision Making: Balance security investments against operational needs and threat exposure

Crisis Leadership: Command presence and calm under pressure during security incidents

Effective Communication: Articulate complex security topics to technical teams, executives, and the board

Change Management: Drive cultural and process shifts to embed security by design

COLLABORATION AND INFLUENCE

Partner with IT, Legal, HR, Finance, and regional operations to align security initiatives with broader business priorities

Build strong relationships with external regulators, auditors, and key vendors

Facilitate Security Steering Committee meetings to secure buy-in and funding for critical projects

Mentor and develop security champions in each geographic region to foster decentralized ownership