Chief Information Security Officer (M/F)
Who we are:
LuxProvide is the national HPC organization in charge of implementing supercomputing facilities and providing HPC, HPDA & AI competencies and services. For our recently set up organization and HPC infrastructure, we are seeking for a Chief Information Security Officer to join the management team.
Your role consists in:
- Establish and maintain the company’s vision, strategy and program to ensure information assets and technologies are adequately protected
- Design and implement a comprehensive information security and cybersecurity architecture for the organization in collaboration with the CTO, enabling the positioning of the organization as a secure and trusted environment
- Develop and implement effective and reasonable cybersecurity protocols, information security processes, policies, procedures, controls, and systems, mitigating threats as they emerge
- Align organizational security standards and frameworks with the overall business and technology strategy
- Ensure that security policies, procedures and solutions follow state-of-the-art international standards and best practices and comply with applicable laws and regulations
- Develop the organizational culture as regards cybersecurity and information security
- Develop risk and security assessment processes, carry out risk and security assessments, and report on their outcome
- Identify and communicate current and emerging security threats
- Lead and contribute to security incident response processes, carrying out investigations, determining what went wrong in a breach, taking corrective actions and implementing appropriate fixes in case of a breach
- Make sure all the above initiatives run smoothly and that the company’s leadership and staff understand their importance and comply in their daily work with the policies and procedures in place
- Together with the Operations department:
- Coordinate with vendors and third parties, assisting in the procurement and purchase of new software and hardware, ensuring organizational cybersecurity and information security objectives are being met.
- Ensure the security of identity and access management systems.
- Ensure the security of HPC/Cloud infrastructure, services, and solutions provided.
- Contribute to the security design for integration of new operational services and their support systems.
- Ensure the robustness and resiliency of security systems and solutions.
- Coordinate activities with technical personnel and vendor resources to develop and implement security solutions, mitigations, and fixes in a timely manner
- Together with the Business Development department:
- Create solutions that balance business requirements with applicable security protocols, and compliance/regulatory requirements
- Devise strategies to embed cybersecurity defenses into the foundation of new initiatives, strengthening the organizations' positioning and advancing business needs
- Advise on the implementation of security systems and solutions throughout the organization
- Communicate risks and security intrusions with management
- Identify and evaluate promising new security technologies
- Ensure the continuous improvement of cybersecurity and information security systems and processes
- Liaise with cybersecurity organizations, exchanging best practices and keeping the organization at the forefront of cybersecurity
- Lead, contribute in and participate in training sessions, outreach events and professional gatherings
- Lead certification processes related to information security, ensuring the organization obtains and maintains desired certifications, such as (but not limited to) ISO 27001 and ISO 22301
- Develop and maintain the documentation, policies, processes and controls required under these certifications
- Conduct trainings in order to ensure staff compliance with developed policies and processes
- Master degree in computer science, computer systems, computer engineering or a closely related field
- Proven working experience (+10 years) in information security related topics
- Solid Knowledge of regulation and standards compliance
- Sound experience in designing, developing and implementing Information Security policies
- Extensive business acumen
- Entrepreneurship, proactiveness and strong presentation and social skills
- Fluency in English and strong verbal/written communication skills is required. German and/or French is a plus