Information Security Officer

Stellantis e-Transmissions, a member of the Stellantis group, operates in Belgium and the Netherlands, specializing in hybrid transmission manufacturing. With a workforce of over 850 employees, robust R&D with state-of-the-art test facilities, and comprehensive operational capabilities, we are at the forefront of the automotive industry.

Our product portfolio includes a range of innovative dual clutch hybrid and conventional transmissions, designed to be affordable and deliver superior driving performance, fuel efficiency, and reduced CO2 emissions.

We are currently seeking motivated Information Security Offer to join our team. By joining us, you'll be part of a leading company that is shaping the future of hybrid transmission technology.

About the Role

As an Information Security Officer you are responsible for implementing and maintaining security policies, procedures, and practices to protect the organization’s information assets. Reporting directly to the Head of Cyber Security with close collaboration to other departments, this role ensures compliance with ISO 27000 standards, NIS2 regulations and GDPR requirements. you will play a key role in the development, implementation, of the ISMS, along with management and integration of cyber security solutions to address cyber risks and maintain a robust security posture across the organization.

Primary duties and responsibilities

Leadership & Team Management:

• Ability to Lead and manage a potential Information Security Team, ensuring alignment with organizational goals and compliance requirements.
• Plan and create new roles if needed, determining required talents, hiring, and team development.
• Foster a collaborative and innovative culture while resolving escalations to maintain operational efficiency.

Strategic Planning & Compliance

• Develop and implement the information security strategy to meet ISO 27000, NIS2, GDPR, and CRA requirements.
• Maintain and update the ISMS, incorporating regulatory changes and best practices into policies and processes.
• Lead audits for ISO 27000 compliance and address non-conformities to drive improvements.

Resource Management & Budgeting

• Allocate resources effectively to meet project requirements and workload.
• Prepare and manage budgets for tools and resources (CAPEX and OPEX).
• Collaborate with leadership to secure funding and support for security initiatives.

Risk Management & Incident Response

• Conduct risk assessments, vulnerability scans, and audits to identify threats and prioritize mitigation.
• Lead the incident response plan in compliance with NIS2, ensuring incidents are documented and resolved effectively.
• Monitor third-party vendor risks and ensure alignment with security standards and regulatory requirements.

Technical Oversight & Innovation

• Oversee the deployment and management of a robust SIEM environment integrated with critical infrastructure.
• Implement advanced tools like Microsoft Sentinel, Elastic, and encryption technologies to enhance security capabilities.
• Validate key security documentation, including compliance reports and risk assessments.

Continuous Improvement

• Refine security processes, tools, and strategies based on emerging threats and lessons learned from incidents.
• Continuously adopt new technologies and methodologies to strengthen the organization’s security posture.

Business Continuity & Representation

• Ensure business continuity with agile security architectures adaptable to evolving threats.
• Represent the Information Security Team in terms of responsibility and engagements, aligning with organizational goals.
• Establish and monitor KPIs to evaluate performance and report progress to leadership

Education & Qualifications

• Education: MS/PhD in Information Security, Information Systems, Computer Science, or related field; a Master’s in Cybersecurity or Information Assurance is a plus.
• Certifications: Preferred, CISSP, CISM, or ISO 27001 Lead Implementer.
• Experience:
• Total minimum of 8 years of experience, with a minimum of 5 years in information security focused on SOC, ISO 27000, NIST, TISAX, and GDPR compliance, and 3 years in operational IT and networks design.
• Hands-on expertise in network security (firewalls, IDS/IPS, VPNs, segmentation), encryption (KMS, PKI/PKS, digital signatures), endpoint protection (EPP/EDR/XDR), SIEM tools (Microsoft Sentinel, Elastic), and the Microsoft security stack (DLP, Intune, Purview).
• Skilled in identifying and mitigating IT cybersecurity risks, using tools like Nessus, Metasploit, and OpenVAS to identify vulnerabilities.
• Excellent English, spoken and written, as this is the main work language.

Skills and Competencies

• Strong expertise in information security principles, including risk assessment, incident response, vulnerability management, and monitoring.
• Demonstrated ability to lead and develop teams, align resources with strategic goals, and foster collaboration.
• Proficiency in managing budgets (CAPEX and OPEX) and ensuring financial accountability for cybersecurity initiatives.
• Expertise in secure development processes, cybersecurity architecture, and advanced security tools.
• Excellent communication and interpersonal skills for engaging with internal teams, external stakeholders, and regulatory authorities.
• Passionate about ethical hacking, IT innovation and staying ahead of emerging cybersecurity trends, while adapting strategies to evolving threats.

We Offer

• Join a respected company with a strong international orientation in the dynamic automotive industry.
• A stimulating work environment with opportunities to grow within the company and develop your competencies in new technologies.
• Motivated colleagues, professional space for creativity and initiative, and open communication lines.
• Easy, congestion-free access to the workplace, along with a competitive salary package and a comprehensive range of fringe benefits.