Chief Information Security Officer

Dutch Speaking - Chief Information Security Officer (CISO) GRC, NIS2 & ISO27001

Location: Brussels

Type: 12-month rolling contract

Seniority Level: Executive / Senior Leadership

About the Role

We are seeking an experienced and strategic Chief Information Security Officer (CISO) to lead and evolve our enterprise-wide security posture, with a strong focus on Governance, Risk & Compliance (GRC), and alignment with NIS2 and ISO/IEC 27001 frameworks. You will play a critical leadership role in defining our security governance strategy, ensuring regulatory compliance, and managing enterprise risks in a rapidly evolving threat landscape.

This is a unique opportunity to shape the future of information security at an organisation committed to excellence, innovation, and trust.

Key Responsibilities

• Develop and execute a holistic information security strategy, aligned with business objectives, compliance needs, and industry best practices.
• Lead the implementation, maintenance, and continual improvement of the ISO/IEC 27001 Information Security Management System (ISMS).
• Drive NIS2 compliance readiness, ensuring all legal and technical requirements are met and embedded across business functions.
• Oversee and mature the GRC program, including policies, third-party risk management, risk registers, control frameworks, and audit readiness.
• Act as the primary liaison with regulators, auditors, and executive leadership regarding cybersecurity risks and compliance matters.
• Monitor, assess, and report on cyber risk posture, providing insights and recommendations to the board and senior management.
• Lead incident response planning, simulations, and recovery processes in collaboration with IT, legal, and crisis teams.
• Mentor and grow a high-performing security team and foster a strong culture of security awareness across the company.

Qualifications & Experience

• Proven experience (8+ years) in information security, with at least 3 years in a senior leadership role such as CISO, Head of Information Security, or similar.
• Deep knowledge of GRC frameworks, ISO/IEC 27001, and demonstrable experience preparing for and passing ISO audits.
• Hands-on experience with NIS/NIS2 Directive compliance, ideally in a regulated industry (e.g., critical infrastructure, finance, healthcare, etc.).
• Strong understanding of risk management, cybersecurity governance, and compliance operations.
• Familiarity with security certifications (e.g., CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor) is highly valued.
• Excellent communication and leadership skills; capable of influencing cross-functional stakeholders and presenting at board level.
• Fluent in Dutch

Please apply to discuss the mission in more detail.

Apollo Team