Information Security Specialist

Job Title: GRC Consultant

Location: Zaventem, Belgium

Job Type: Employee

Work Setting: Hybrid

About Us

We are committed to ensuring security and privacy. Supported by a skilled cybersecurity team, we provide a wide range of tailored solutions to meet your security needs. From consulting services to 24/7 monitoring through our C-SOC cybersecurity platform, we offer rapid incident response and comprehensive “security as a service.”

Key Responsibilities

Enablement Practice

• Assist clients in implementing Governance, Risk, and Compliance (GRC) frameworks, including Information Security Policies and Procedures, to mitigate potential risks.
• Deliver GRC and Information Security Awareness training to enhance client knowledge and preparedness.

Assurance Practice

• Conduct maturity assessments and gap analyses based on established standards such as ISO 27001/27002, SANS CIS TOP 20, NIST Cybersecurity Framework, as well as legal and regulatory requirements (CSSF, GDPR, PSD2), or an organization's own GRC policies.
• Develop and establish a GRC program, guiding clients toward a defined and structured Information Security framework.
• Perform all aspects of the Information Security Risk Management process as outlined by ISO 27005 at the organizational level.
• Carry out risk assessments at the project level on an ad hoc basis.
• Provide customized GRC services tailored to client needs.
• Offer expert advice and support to CISOs, Risk Officers, and DPOs on GRC-related matters.

Audit Practice

• Conduct internal and external GRC audits, as well as pre-certification audits, in line with established standards (ISO 27001/27002, SANS CIS TOP 20, NIST Cybersecurity Framework), legal/regulatory frameworks (CSSF, GDPR, PSD2), or an organization's Information Security Policy.
• Collaborate with Internal Auditors, providing expertise and guidance on GRC and Information Security matters.

Qualifications

• Proficiency in both Dutch and French is required.
• A minimum of 3 years of relevant work experience in GRC or Information Security.
• English language proficiency is considered a plus.
• Relevant certifications in GRC or Information Security (e.g., CISSP, CISM) are highly desirable.
• Strong analytical and problem-solving abilities.

For more information and to apply, share your up to date CV to me at [email protected]