Senior IT & Cyber Risk Management Advisor
- Role: IT & Cyber Risk Management Advisor (Expert Level)
- Contract Type: Freelance (Long-term mission)
- Location: Brussels, Belgium
- Remote Work: Hybrid (50% on-site / 50% homeworking)
- Required Experience: 8+ years
🎯 Mission Context & Role Objective
Joining the Governance, Risk, and Compliance (GRC) team of a major international financial institution, you will support IT and Business Units in developing and implementing robust operational risk management practices, with a primary focus on Information Security.
As an Expert Advisor, you will act as a strategic partner, helping to identify, advise, monitor, and report on risk treatment to reduce overall risk exposure across IT, Agile Constructs (Tribes/Squads), and third-party vendors at an optimized cost.
🔑 Key Responsibilities
- Risk Lifecycle Quality Assurance: Oversee the IT and Cyber security risk QA process from initial identification, through risk treatment/mitigation, until final closure.
- Stakeholder Advisory: Provide pragmatic advice and support on IT and Cyber Security Risk Management to internal IT and Business stakeholders.
- Shadow IT Assessments: Perform comprehensive IT and Cyber risk assessments on Shadow IT situations (applications operating outside standard IT governance).
- Governance & Executive Reporting: Synthesize complex data to report on overall risk posture and specific cybersecurity risks to IT, Security, and Business Management.
- Framework Improvement: Contribute to the evolution of internal risk management methodologies and tools, bridging field experience with corporate security policies.
🛠️ Required Profile & Technical Skills
Must-Have Technical Expertise
- ISMS & Control Frameworks: A minimum of 8 years of experience with a proven track record of linking Information Security Management Systems (ISMS) to practical IT Risk processes. Strong knowledge of control frameworks and IT audit methodologies is a must.
- Cloud Security Governance: Significant, demonstrable experience identifying and managing risks tied to Cloud services (AWS, SaaS, HSP).
- SDLC & IT Operations: Strong understanding of software development security best practices, combined with functional knowledge of operational ITIL processes (Change Management, Release Management, Incident Management, and Testing).
Sector & Language Requirements
- Industry Experience: Previous experience working within a banking, financial services, or highly regulated environment is highly preferred.
- Languages: Sound knowledge of English AND at least one local language (French or Dutch). Strong English writing and synthesis skills are mandatory.
- Education & Certifications: Master’s degree preferred. Industry-recognized security certifications (CISSP, CISM, CIPP, or CCSK) are highly valued.
Soft Skills
- Autonomy, proactivity, and strong personal organization.
- Exceptional communication and interpersonal skills, with the ability to build relationships and communicate risk effectively to both technical teams and executive management.
- Analytical mindset with the ability to produce highly structured, concise, and precise documentation.
Key Skills
Ranked by relevance
Related Jobs
3 roles aligned with this opportunity
Cybersecurity Specialist - AI & Connected Vehicle (Rif. 2026-219)
2026-07-07
Senior Cloud Security Consultant
2026-07-05
IT Project Manager
2026-07-07
- Posted
- Jul 07, 2026
- Type
- Contract
- Level
- Mid-Senior
- Location
- Luxembourg
- Company
- Stott and May
Industries
Categories
Related Jobs
3 roles aligned with this opportunity
Cybersecurity Specialist - AI & Connected Vehicle (Rif. 2026-219)
2026-07-07
Senior Cloud Security Consultant
2026-07-05
IT Project Manager
2026-07-07