ORSYS le mag 2025 logo

The training and skills medium

Home > Cybersecurity glossary > CISO (Information Systems Security Manager) 🟩 Job title

CISO (Information Systems Security Manager) 🟩 Job title

Le CISO (Information Systems Security Manager) is a key role within an organisation, responsible for defining, managing and controlling the IT security strategy. They ensure that data, systems and infrastructures are protected against cyber threats (ransomware(e.g., leaks, etc.), by aligning technical measures with business challenges.

 

To find out more, read the article :

Information Systems Security Manager (ISSM): more than just a job, it's a mission!

 

Differences with other items

CISO ISD CISO
focused on security (policies, audits, incident management). manages thethe entire IT system (budget, projects, infrastructure). Chief Information Security Officer, with a more strategic scope.
examples: setting up a SOCRGPD compliance. examples: migration to the cloud, ERP deployment. examples: governance cybersecurity at Board level.

 

🎯 Main tasks

  1. Assessing risks :
    • carrying out impact analyses (PIA, threat modelling).
    • map critical assets (e.g. customer databases).
  2. Deploying protection :
    • supervise firewallsencryption solutions, access management (IAM).
    • validate continuity plans (PCA/PRA).
  3. Crisis management :
    • coordinating the response to incidents (e.g. ransomware attacks).
    • work with the Legal and Communications Departments.
  4. Raising awareness :
    • train employees in good practice (e.g. phishing).

🎓 Skills required

  • Techniques knowledge of standards (ISO 27001NIST), tools (SIEM, pentest).
  • Legal mastery of the RGPD and general (NIS2) and sectoral directives (e.g. DSP2 for finance).
  • Soft skills leadership, project management and communication.

 

💪 Issues and challenges

  • Limited budgets 60 % of CISOs believe they lack the resources to deal with attacks (CESIN 2023 study).
  • Regulatory complexity adaptation to local laws (e.g. LPM in France, NIS2, etc.).
  • Recruitment Shortage of 3.4 million cybersecurity professionals worldwide (ISC² 2023).

👉 Concrete examples

  • In an SME The CISO implements a strong password policy and supervises annual audits.
  • In an international group He manages a Security Operations Centre (SOC) and negotiates with cyber insurers.

 

Career development

  • Average salary in France Salary: €65,000 to €120,000/year depending on experience and company size.
  • Job opportunities CISO, senior consultant, risk director, IT director.
Back to Glossary

field of training

Cybersecurity

associated training

Systems and network security, level 1

Hacking and security, level 1

Information systems security, summary

BEST

Towards the ORSYS Cyber Academy: a free space dedicated to cybersecurity