< Terug naar vacatures

Chief Information Security Officer (CISO)

Functieomschrijving

DPG Media is a privately owned media company active in Belgium, Netherlands and Denmark, with leading brands in printed press, online news, television and radio.  Our online platforms and mobile news apps reach over a million users every day.

About 400 IT colleagues build, implement and maintain the digital future of media. They are organised into 14 product oriented areas collaborating with business units in a large scale agile environment. The areas are brought together into 3 clusters, Media, Business and Support, each one matching a strategic business flow.

 

 

  • Create, define, maintain, and broadcast a security strategy to keep the company’s data, employees, and users safe.
  • Current strategy: you own the security strategy and make sure it gets followed and implemented. You help teams understand the strategy, apply them, you help solving problems in their context, you coach them on finding ways to implement, to learn, to improve. You have a general view on where we are, where we need to improve or go faster. You foster knowledge spreading between teams & people. You do this with the help of the security team.
  • Develop strategy: You assess when the current strategy needs to be adapted. You communicate & advocate this strategy.
  • Sparring, coaching, helping teams to apply the security strategy in their specific context. Help solving specific problems.
  • Lead a technical security team that does pentesting, developing security tooling, giving technical support for security incidents, etc…
  • The team helps defining the strategy, solving security questions or incidents, and has the freedom to explore and learn.
  • You can have an open conversation with the team about security on a technical level because you know that together you are smarter than alone.
  • You can clear the path of any non-technical, political, or other issues, to make sure the team can focus on their technical job.
  • Transparency within the team is important for you.
  • Give security guidance on all levels (technical to business) based on a pragmatic and risk-aware approach.
  • Any task or question will be validated against the security strategy.
  • You never say “no”, but you say “no, but you can do it like this”.
  • Sometimes as a security expert you will be frustrated by a situation, but you understand that within certain risk boundaries some things can be tolerated.
  • Stay up to date on recent vulnerabilities and exploits, major security incidents in the world, and recent discoveries in the field of security. In order to decide what would be applicable to the company.
  • You understand that security and more broadly IT is a quickly evolving market that you can only own by reading, learning, and being open-minded.
  • You know about the newest exploits on major systems and you know when they form a risk to the company.
  • You get excited about the latest security breach and are interested to understand how it could have happen, and how we can make sure it will never happen to us.  
Je profiel
  • Extensive knowledge of security engineering by preference at scale
  • Technical background because the main focus of the security track will be on technical improvements.
  • You know about Google’s BeyondCorp and you believe this is the way to go in security.
  • Agile mindset & experience with Scrum & other agile/lean methods (by preference at scale)
  • proven experience in security engineering (security management is a plus)
  • You know where to find good information about the latest trends in security.
  • You believe compliancy should not be the goal, better security is.
  • You want to  know the “why” and therefore you seek to understand. You question and drill down facts. You’re always constructive.
  • people oriented: coaching & servant leader. You can motivate people, you can help people in doing the right thing right.
  • Powerful questions & feedback skills
  • You see problems as a gift, you’re an advocate for transparency, you dare to face the brutal facts, name them, improve/solve them

 

  • You do not trust the network, you believe in the zero-trust network model and BeyondCorp is the way to achieve security for our data, brand reputation, users, and IT components.
  • You see security as a business enabler
  • You dare to defy the status-quo, even if it’s personally harmful
  • fact based thinker
  • Open, transparent, continuous learning,
  • Team player, helpful, conjunctive, inclusive
  • Result oriented, passionate about security
  •  
Aanbod

You will be working at a leading media company surrounded by awesome colleagues who make an actual impact. Like them, you are passionate about ICT and are continuously learning new things from each other and from the best in the trade. You are set out on a journey where every next week will be different from the last, and where you are stimulated on a daily basis to take things to a higher level. We offer you an interesting salary package and corresponding benefits (company car, group and health insurance, 32 days of paid leave, a company restaurant, …) Obviously, we provide the newest technologies and all the devices you need to excel in your work. Easy to reach offices in Vilvoorde, Antwerp, Rotterdam and Amsterdam We believe in flexible work: you give some, you get some. You don’t need to be at the office at 8.00 or even 9.00 sharp, we only ask you to check with your colleagues beforehand as they might have their own habits. Of course, we also expect you to be there for a super important meeting or a kick-ass team event. Amazing fun and tech events year-round. Check our LinkedIn page for proof.  

Solliciteer online
Delen