(Expert) Cyber Security Program(me) Manager

As cybersecurity programme manager, you will be responsible for developing, coordinating and implementing the client's cybersecurity programme.

Responsibilities:

• Formulate a strategic vision around cybersecurity for the city of Antwerp
• Coordinating the cybersecurity programme and ensuring timely delivery within scope and budget
• Leading and inspiring the cybersecurity team to achieve organisational goals
• Drafting information security and cybersecurity policies and guidelines
• Implement best practices and standards for information security in the organisation
• Risk management: evaluate and identify potential security risks and vulnerabilities in the organisation + develop measures to mitigate these risks and prevent incidents from occurring
• Responding to cybersecurity incidents and developing incident response plans
• Compliance and regulation: ensuring compliance with relevant information security and privacy laws and regulations (NIS2, GDPR, etc.)
• Understand new and emerging threats and technologies, and take proactive measures to protect the organisation.

• Implementation NAC (Network Access Control)?
• Set up SOC (Security Operations Centre) operation?
• Set up and implement IAM (ENTRA?)
• Set up patch management?
• Approach risk management?
• Set up and implement PAM (Privileged Access Management)?
• Formulate security policies?
• Implementation NDR solution (Network Detection and Response)?
• Various awareness projects?

• Proven experience in infrastructure or development projects
• Proven experience as Programme Manager, leading Programmes on infrastructure or development projects
• Proven experience with project management techniques and tools (risk management, issue management, ...)
• Demonstrable knowledge of and experience with ITIL.
• Demonstrated experience with terminology, organisation, roles and processes of the PM methodology (e.g. Prince2, PMBok, ...), preferably demonstrated by certification. Able to transfer relevant expert knowledge
• Demonstrated knowledge and experience of a programme management methodology (e.g. Agile, Scrum, MSP), preferably demonstrated by certification.
• Language requirement: Dutch-speaking at European CEFR - level C2.

The candidate has the following demonstrable skills from multiple projects:

• Has gained extensive knowledge in leading projects and has broad experience of project operation within an IT context (technology, agile, infrastructure, ...).

Through education and professional experience, the candidate should have a sound knowledge (profile of programme manager expert) and a minimum of 10 years' experience of:

• Planning, coordinating and budgetary management of projects preferably in the public sector (these activities should be done according to the standard agreements for project operation within Digipolis)
• Simultaneously managing multiple project teams with internal and external staff (project leaders, security architects, infrastructure) and core users
• Organising the required internal consultation and consultation with stakeholders within Digipolis and at the customer's site
• Organising the acceptance and dissemination of the project results
• Coordinating and implementing activities within procurements subject to public procurement legislation
• Working analytically, in a structured and pragmatic manner
  

Has sufficient knowledge of the below types of projects to be able to lead them:

• Projects around IT infrastructure and/or cybersecurity, preferably in a leadership role
• Large and small IT projects with a focus on cybersecurity
• Change management.

The candidate has the following personal and social skills:

• Excellent management skills.
• Highly communicative, both written and verbal
• Great independence and sense of responsibility
• Sense of quality
• Cost-conscious
• Strong coordination skills
• Experience with different consulting styles
• Strong customer and service-oriented attitude
• An initiator of new ideas
• Strong analytical/conceptual thinking skills
• Flexible and stress-resistant.

Knowledge of cybersecurity practices, standards and frameworks (e.g. NIST, ISO 27001, CIS) are an asset. Possession of a certification such as Certified Information Systems Security Professional (CISSP), ISC2 or CompTIA Security+ is a big plus.