Technical GRC Consultant

Are you a cybersecurity enthusiast with a consulting mindset? We are looking for an IT and Cyber GRC Expert to join a mature Governance, Risk, and Compliance practice within a leading financial institution. In this role, you will deliver and improve GRC services, processes, and tools, ensuring they align with industry best practices and regulatory requirements. You will drive user adoption, manage stakeholder expectations, and play a critical role in the strategic evolution of the GRC landscape.

• Location: Brussels Region / Hybrid
• Experience: 5+ years of professional experience in GRC and Cybersecurity.
• Education: Master’s degree or equivalent by experience.

Your Tasks:

• Process & Tool Management: Design and maintain Agile GRC processes and monitor tool performance to promptly resolve incidents.
• Stakeholder & Change Leadership: Translate local and Group requirements into pragmatic GRC solutions and influence the global GRC strategy.
• Agile Implementation: Lead Opus/Feature/User Story implementations and manage interdependencies within various Agile constructs.
• Reporting & Support: Design decision-making dashboards and onboard control functions into GRC tools through training and documentation.
• Technical Guidance: Provide expertise to business units for the effective implementation of IT and Cyber Governance within their scope.

Your Profile:

• Expertise: Solid background in cybersecurity concepts, IT risks, and security issues within large corporate environments.
• Technical Background: Strong IT foundation with experience in Cloud services (SaaS, AWS, M365), network/OS security, and software development security.
• Frameworks & Regulations: Knowledge of ISO27001, NIST, DORA, GDPR, and EBA guidelines. Experience with GRC suites (e.g., ServiceNow GRC) is a strong asset.
• Soft Skills: A strategic thinker with a consulting mindset, capable of constructively challenging stakeholders.
• Languages: Fluent in English and French (mandatory). Dutch is an advantage.
• Certifications: (Optional) CISSP, CGRC, CISA, or CISM are considered a plus.