Save

Chief Security Officer

Our Client is a large international company and a leading player in the financial services sector.

ROLE OVERVIEW

The Chief Security Officer is responsible for leading and integrating IT security, cybersecurity, physical security, and corporate security across the business unit, ensuring the effective protection of company assets, data, employees, and operations, while supporting regulatory compliance and operational resilience. The CSO acts as a strategic leader and trusted business partner, working closely with senior management, Group Security, regulators, and external stakeholders. The role requires the ability to translate security risks into business impact, influence executive decision-making, and ensure effective alignment between Group security strategy and local execution within a regulated environment. The position requires strong technical depth across core cybersecurity domains, including identity and access management, authentication, email security, cloud security, and incident response, as well as solid understanding of crisis management and business continuity processes. The CSO must be able to challenge IT teams, architects, and vendors, validate solutions, and ensure effective implementation of security controls. While not operationally hands-on, the role demands high technical credibility combined with leadership and governance capabilities, ensuring effective risk management, regulatory compliance (including DORA and NIS2), security transformation, and resilience, while enabling secure business growth.

KEY RESPONSIBILITIES

  • Develop and execute the business unit’s security strategy, ensuring alignment with Group security policies, regulatory requirements, and business objectives. Act as a key interface with Group Security (GHO) to ensure alignment, transparency, and effective escalation.
  • Ensure effective local implementation of cybersecurity, physical security, corporate security, and business continuity frameworks, balancing Group mandates with local regulatory and business needs.
  • Lead security governance and risk management activities, including identification of risks, definition and implementation of mitigation measures, and oversight of key security controls across systems, applications, and infrastructure.
  • Drive regulatory compliance and supervisory engagement, including execution of DORA, NIS2, and local regulatory requirements, as well as leading regulatory inspections and interactions with authorities (e.g., MNB).
  • Lead and deliver security transformation initiatives and multi-year security roadmaps, including Group-driven programs, ensuring effective prioritization, budget management, and execution.
  • Oversee critical security domains, including Identity & Access Management, vulnerability management, security monitoring, cloud security, and third-party risk management.
  • Define and maintain security KPIs/KRIs, dashboards, and reporting, ensuring data accuracy, consistency, and audit readiness in alignment with Group standards.
  • Lead incident response, crisis management, and business continuity activities, including coordination with Group, regulators, and external stakeholders in high-impact scenarios.
  • Oversee security of third-party providers and outsourcing arrangements, including cloud and critical business partners, ensuring risk-based assessment and ongoing monitoring.
  • Act as a trusted advisor to business and IT leadership, ensuring secure enablement of digital initiatives, products, and transformation programs while balancing risk and business objectives.
  • Serve as the primary security representative towards senior management, regulators, auditors, and external stakeholders, ensuring effective communication of risks, incidents, and security posture.
  • Build and develop local security capabilities and culture, in collaboration with HR and key stakeholders, ensuring alignment with Group maturity expectations.
  • Oversee physical security operations and maintain relationships with law enforcement, regulatory authorities, and external security partners.

REQUIRED QUALITIES AND SKILLS

  • Extensive experience in cybersecurity, risk management, and security governance within international and highly regulated environments; experience in the financial sector is a strong advantage.
  • Proven experience operating within Group or federated security models, managing central and local accountability and execution.
  • Demonstrated experience implementing regulatory frameworks (e.g., DORA, NIS2, ISO 27001), including audits, inspections, and remediation programs.
  • Strong understanding of IT and cybersecurity domains, including IAM, MFA, vulnerability management, security monitoring, cloud security, and third-party risk management.
  • Proven track record delivering complex security transformation programs in large organizations.
  • Strong technical credibility, with the ability to challenge IT teams, architects, and external vendors, and make informed security decisions.
  • Experience defining and managing security metrics (KPIs/KRIs), reporting frameworks, and audit evidence.
  • Proven ability to lead major incidents and crisis situations, including coordination with executives, regulators, and cross-functional teams.
  • Strong executive presence, with the ability to influence senior stakeholders and translate technical risks into business and financial impact.
  • Excellent stakeholder management, communication, and negotiation skills in an international environment.
  • Experience managing corporate and physical security domains, in addition to cybersecurity responsibilities.
  • Proficiency in English.
  • Relevant certifications (CISSP, CISM, CISA, CRISC, ISO 27001, or equivalent) are considered a plus.

PLEASE NOTE

Candidates must have proven technical credibility across core domains (identity, authentication, email security, incident response, BCM) and be able to articulate how these are implemented and governed in practice. Profiles without hands-on involvement in regulatory audits/inspections (e.g. DORA/NIS2) or without experience in complex Group environments will be excluded.

Kattintson ide a jelentkezéshez!

Látogassa meg honlapunkat isg.com/jobs, ahol megtalálja legújabb állásajánlatainkat.