Security Consultant

Please find below details about the role:

Job Title: Security Consultant

Contract Duration: 06 months

Location: Brussels, Belgium

Working Environment: Hybrid; 2-3 days per week onsite

Start date: ASAP

Languages: English C1 + Dutch C2

Role Summary:

We are looking for an experienced Information Security Officer / Security Consultant to support our client.

Our client's mission is to develop a coherent, government-wide information policy and support the transition to a data-driven administration.

The Information Security Officer will be part of the Security & Risk Team within the IT platform and will contribute to:

• Internal ISMS implementation
• The overarching Flemish information security policy (ICR framework)

Role Purpose:

• Implement and oversee information security across the organization
• Translate organisational security needs into effective controls and measures
• Develop and maintain security plans, risk analyses, incident registers, tools, training, and evaluations
• Perform and facilitate risk analyses at strategic, tactical, and asset levels
• Monitor and report information security risks
• Initiate and manage information security and awareness projects
• Act as subject-matter expert for internal and external stakeholders
• Maintain a documented knowledge base for information security

Skills & Experience:

• Proven experience as a Security Consultant in one or more of the following domains: data, infrastructure, applications
• Demonstrated expertise in a specific information security domain, e.g.:

-Implementing information security management processes

-Conducting vulnerability assessments and pentests

-Optimising application security using cost-effective methods

-Implementing Privileged Access Management (PAM)

-Deploying encryption solutions

• Proven experience in analysing, optimising, and documenting security processes and governance
• Hands-on experience with security management techniques and/or frameworks, e.g.: ISO 27000 series, COBIT for Security, NIST, OWASP, CIS Critical Security Controls
• Relevant certifications depending on domain expertise (CISM, CISSP, CEH)
• Experience developing an information security policy and ISMS aligned with ISO 27001
• Experience in security risk management, including quantitative and qualitative risk assessments
• Experience in the public sector (preferably Flemish or Belgian administration)
• Experience with security audits and compliance assessment methodologies.