Cyber Security Specialist

Job Title: Security / Cybersecurity Expert

Contract Duration: ASAP - 6months with the possibility of extension

Work Location: Brussels (Hybrid, 2 days/week onsite & 3 days/week remote)

Languages Required: English

Job Description - Roles and Responsibilities

Tasks: 80% technical (execution of the below indicated tasks), 20% communication with steerco and management reporting (good presentation, communication and organisation skills).

Mission & Objectives

• The Security / Cybersecurity Expert will:
• Support the design, implementation, and continuous improvement of the Information Security Management System (ISMS) in line with ISO 27001 and NIS2 requirements.
• Ensure effective implementation of organisational, operational, and technical security measures.
• Coordinate security governance and operational security practices.
• Oversee and follow up on key security capability initiatives, such as technical implementation projects and operational process definition & roll-out (for example, SIEM, SOC, backup/restore, DR/BCP).
• Contribute to audit readiness and certification processes.

Governance & ISMS Management

• Develop, review, and maintain Security policies, Standards and guidelines, Operational security procedures
• Conduct and maintain Risk assessments and risk treatment plans, Statement of Applicability (SoA), Asset inventory and classification framework
• Ensure documentation and evidence collection are aligned with ISO 27001 requirements.
• Prepare and support internal and external audits.
• Coordinate management reviews and reporting.

Organisational & Operational Security

• Define and formalise security roles and responsibilities.
• Implement and improve: Access management processes, Incident response processes, Vulnerability management lifecycle, Supplier security management
• Support awareness and training initiatives.
• Coordinate security processes.

Technical Security Oversight

• Provide expert guidance and follow-up for technical security implementations, including:
• Backup & restore platform implementation and validation, SIEM platform deployment and use-case development, SOC setup or improvement (internal or external model), Vulnerability scanning and remediation tracking, Disaster Recovery (DR) and Business Continuity (BCP) framework implementation, Hardening standards and secure configuration baselines

The contractor is not necessarily expected to perform hands-on configuration but must be deeply involved of:

• Challenging technical design decisions
• Validating security architecture choices
• Ensuring traceability to risk treatment plans
• Verifying control effectiveness

Security Capability Development

• Define and enhance: Security monitoring capabilities, Threat detection and response processes, Business continuity and disaster recovery scenarios
• Ensure integration between the governance framework and technical capabilities.
• Establish KPIs and reporting mechanisms for security performance.

Expected Deliverables

• Documented operational procedures
• Oversight reports for technical security projects
• Risk assessment and treatment documentation
• Audit preparation material
• Security roadmap and maturity improvement plan
• Governance reporting dashboards
• ISO 27001-compliant ISMS documentation
• Statement of Applicability

Your profile

• Experience in cybersecurity and information security management.
• Proven experience in ISO 27001 implementation and certification support.
• Experience in telecom or highly regulated environments is a strong asset.
• Experience working in multi-stakeholder environments (internal teams + operators/partners).
• Technical & Functional Competencies

Strong knowledge of: ISO 27001 and ISO 27002 controls

• The NIS2 framework
• Risk management methodologies, Security governance frameworks, SOC & SIEM architectures, Backup, DR, and BCP frameworks, Vulnerability management processes, and the ability to bridge governance and technical implementation.
• Strong documentation and structuring skills.
• Audit experience (internal or external).

Soft Skills

• Autonomous and structured.
• Strong stakeholder management capabilities.
• Ability to work at strategic and operational levels.
• Clear communicator (technical and executive audiences).
• Pragmatic and solution-oriented.
• Reporting & Collaboration

Reports to our management.

Works closely with: technical and operational teams, Security teams, External auditors and certification bodies