Position Overview

The CISO will be responsible for leading the development, implementation, and oversight of the organization's Information Security strategy, specifically in the domains of Governance, Risk Management, Compliance (GRC), engineering, and physical building security. This role will be pivotal in ensuring the security posture of the organization aligns with regulatory requirements and industry best practices, with a particular emphasis on architectural and infrastructural security controls.

Key Responsibilities

Governance, Risk, and Compliance (GRC): Develop and enforce Information Security policies, ensuring compliance with regulations (e.g., GDPR, ISO 27001). Conduct risk assessments and establish mitigation strategies. Report on security posture to senior leadership and the Board. Oversee audits and compliance activities.

Engineering and Security Architecture: Lead the design and integration of security controls within IT infrastructure. Ensure secure system architecture and compliance with best practices in the software development lifecycle. Secure cloud, hybrid, and on-premise environments.

Industrial Site Security: Ensure robust OT security by implementing network segmentation, asset visibility, and real-time threat detection across industrial systems.

Leadership and Collaboration: Advise senior leadership and foster a culture of security. Collaborate across departments to integrate security standards. Provide expert guidance on emerging threats and vulnerabilities.

Continuous Improvement and Threat Intelligence: Oversee threat intelligence and vulnerability management. Continuously assess security controls and recommend improvements.

Candidate Profile

Required Skills & Qualifications

- Fluent French & English.
- Proven experience as a CISO or similar role with a focus on GRC and Security Architecture.
- Expertise in compliance standards (e.g., ISO 27001) and risk management.
- Knowledge of physical and building security protocols.
- Leadership skills with the ability to influence and report to senior leadership.
- Relevant certifications (CISSP, CISM, CISA) preferred.

Desirable Attributes

- Understanding of emerging technologies and security trends.
- Familiarity with international data protection laws and compliance.
- Strong communication skills to explain security to non-technical stakeholders.
IT Security Manager • Lausanne, Vaud, Switzerland