Cyber Strategy & Architecture Manager

As Cyber Strategy & Architecture Manager at NVISO, you will lead our team of CISO/ISO consultants while actively contributing to client projects. Your role will be key in enhancing our clients’ cybersecurity posture by creating and driving security strategies and their programs throughout the company. Key responsibilities include, but are not limited to: Leading and managing a team of CISO/ISO consultants to deliver high-quality services to clients; Collaborating closely with clients to understand their business objectives, their risks and their unique security requirements; Assessing the security maturity of clients (using the ISO or NIST standard) to identify gaps and areas for improvement; Developing and implementing a fit-for-purpose security program (that aligns with industry standards if ISO-certification is a MUST for the client); Driving the security program at clients, where you also act as the security champion, spreading the “gospel” on security; Conducting risk assessments, identifying potential vulnerabilities, and recommending risk mitigation strategies; Overseeing and supporting with the implementation of the security program, including policies, procedures, and controls; Providing updates to management on the ‘state of security’ at their company; Holding steering committees at the customer with relevant stakeholders to guide & adapt the security program, where needed. Requirements You hold citizenship in one of the 32 NATO member states. Bachelor’s degree in Business Administration, Information Security, or a related field. Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), ISO27001 Implementer/Auditor or equivalent are strongly preferred. Proven experience in being a CISO and/or having successfully implemented ISO27k at clients. This covers, but not limited to: risk assessment, security roadmap creation, CISOaaS and policy development. In-depth knowledge of relevant industry standards and frameworks, such as ISO 27001, NIST, NIS-2, GDPR, etc. Familiarity with risk management methodologies and their application to cybersecurity. Quickly grasping the complexity and the business reasons for a company to perform security and adapting your communication style and the security program to make it fit for the client. Excellent written and verbal communication skills to effectively convey complex concepts to technical and non-technical stakeholders. Leadership skills to manage a team and collaborate with clients and cross-functional teams.