The post in a nutshell:
The Cybersecurity Director is a senior executive responsible for defining the cybersecurity strategy in such a way as to meet the organization’s cybersecurity challenges and to comply with the regulations in force in the countries where the organization operates. He leads the cybersecurity sector and can manage a network of Information Systems Security Managers (RSSI) to cover the entire scope of the organization. It defines the strategic and managerial indicators to measure the level of maturity of the organization in terms of cybersecurity and reports to General Management and the Audit Committee.
Given the current challenges related to cybersecurity, the Cybersecurity Director holds a senior executive position and is called upon to sit on the management bodies of his organization. Reporting to a member of the Executive Committee is recommended. He must have a comprehensive understanding of the evolution of cybersecurity to keep the organization’s security strategy up to date.
Equivalent title: Director of Information Systems Security (DSSI)
- Define the axes and strategic objectives in terms of cybersecurity and have them validated by General Management
- Identify security issues, major security risks weighing on the organization and legal and regulatory compliance requirements
- Define and maintain the IS security policy in collaboration with stakeholders
- Define the strategy for compliance with the legislative and regulatory framework; ensure relations with the players in its sector of activity around cybersecurity
- Define an annual or multi-year action plan
- Define an investment policy with regard to security objectives Define the organization of cybersecurity within the organization and lead it
- Define the organizational and technical measures to be implemented to achieve the security objectives
- Manage the implementation of the organization’s IT security charter and promote it to all users
- Contribute to responding to requests from customers and partners of the organization on security aspects
- Animate the CISO network through security governance
- Provide implementation support by providing technical and methodological assistance as well as tools and security solutions, possibly through a catalog of services
- Assess the level of security within the organization, in particular through the performance of periodic audits and permanent controls
- Check that IS security policies and rules are applied in the organization and vis-à-vis third parties and subcontractors (third parties)
- Report regularly to General Management on the current level of coverage of IS security risks
- Ensure an advisory role with the General Management and the business lines of the organization Represent the organization in relations with the regulatory authorities
Our advice: this position is open to women and men. Motivation and the desire to learn are the fundamental qualities for the success of your project. Don’t put a barrier on yourself, you can do it.
- Good knowledge of the organization’s challenges and professions
- Ability to build the organization’s cybersecurity strategy
- Ability to understand cybersecurity threats
- Knowledge of the information system and architecture principles
- Mastery of the fundamentals in the main areas of ISS Knowledge of security technologies and associated tools
- Risk management, cybersecurity policy and ISMS Legal knowledge of IT law related to IS security and data protection
- Knowledge of governance, norms and standards in the field of security: ISO standards (2700X), sector standards (PCI-DSS, etc.)
- Ability to influence
- Sense of general interest
- Team management
- Ability to work cross-functionally within the organization
- Ability to appropriate business issues
Description of the profession in the ANSSI directory
Given the current challenges related to cybersecurity, the Cybersecurity Director holds a senior executive position and is called upon to sit on the management bodies of his organization. Reporting to a member of the Executive Committee is recommended. He must have a comprehensive understanding of the evolution of cybersecurity to keep the organization's security strategy up to date.
How to access into the job?
Education: Bac + 5, including a specialization in cybersecurity Professional experience: more than 10 years in the field of cybersecurity
Our Intra-company training
From 2023 the CSB SCHOOL will offer you to train your employees to help them develop their different skills in the cybersecurity field. After a thorough study of the need by our development manager, you will be put in touch with our different pedagogical experts on the identified theme.
The complete career guide
Condimentum lacinia quis vel eros donec ac odio. Nibh cras pulvinar mattis nunc sed blandit libero volutpat. Facilisis gravida neque convallis a cras semper auctor neque vitae.
Same field jobs
Our school provides training in 21 cybersecurity jobs, from technical to supervising positions, from IT operations to industrial systems security. Here is the list of jobs you will be trained for by attending one of our training programs.