You are responsible for guarding the vision, the development of strategy and the implementation of the programme within the NMBS-SNCB organisation (including its affiliates) on Information Security, Information Security Risks and IT Risk Management.
You identify, analyse and report information security risks for different NMBS-SNCB directorates. You supply the Information Security requirements for IT projects.
You identify, analyse and report on the internal IT risks, and take care of the follow-up. You maintain the risk register and take care of the management reporting.
You participate in the implementation of an ISMS. You define policies, standards, procedures and guidelines. You take care of their communication and awareness. You follow up and report on their implementation and status.
The influence of the Information Security & Risk Officer extends across the entire enterprise. The Information Security & Risk Officer reports to the Information Security, Risk & Service Continuity Manager.
Information Risk Management
IT Risk Management
Information Security Management
In all of these domains, you will work closely with IT PMO to align with existing IT processes, with IT project managers and operational managers to identify or mitigate risks, with the NMBS-SNCB Data Protection Officers to guard privacy, with the IT Compliance Officers, with the CyberSecurity department, and with the IT Service Continuity Officers to align on risks and BIAs.