IT Security Compliance officer
Job description
The IT Security Compliance officer is responsible for supporting and assisting in the management of the organization's IT compliance program. They work closely with IT teams, security professionals, and other stakeholders to ensure that the organization complies with relevant laws, regulations, industry standards, and internal policies pertaining to information security and data privacy.
- Compliance Monitoring and Auditing:
- Assist in conducting regular compliance assessments and audits to identify gaps and vulnerabilities.
- Maintain and enhance our ISO27001 certification by supporting external & internal audit processes and driving continuous improvements in our security posture. This includes overseeing compliance with internal teams as well as ensuring that our suppliers and partners adhere to stringent information security requirements.
- Maintain documentation of audit findings, corrective actions, and compliance reports.
- Policy and Procedure Management:
- Assist in the development, review, and maintenance of IT security policies and procedures.
- Ensure that policies are communicated to all relevant personnel and that compliance is tracked.
- Work with teams to align processes with policy requirements.
- Risk Assessment and Mitigation:
- Conduct risk assessments to identify security risks and vulnerabilities.
- Collaborate in developing and implementing risk mitigation strategies and action plans.
- Regularly monitor and report on the progress of risk mitigation efforts.
- Vendor & Client Security Assessments:
- Support the assessment of third-party vendors' security practices.
- Manage the completion of client security questionnaires, due diligence requests, and RFP responses, ensuring accurate and timely delivery of compliance-related information.
- Maintain a record of vendor compliance assessments and findings.
- Documentation Management:
- Establish and maintain a system for organizing and archiving compliance-related documentation.
- Ensure that compliance records are up-to-date and readily accessible.
- Assist in streamlining documentation processes for efficiency.
- Compliance Reporting:
- Assist in the preparation and submission of compliance reports to regulatory bodies or internal stakeholders.
- Ensure compliance reporting deadlines are met.
- Generate compliance dashboards and metrics for management review.
- Continuous Improvement Initiatives:
- Identify opportunities for process improvements based on audit findings and best practices.
- Collaborate with teams to implement process enhancements.
- Monitor and document the impact of process improvements.
- Flexible work arrangements for all and initiatives supported by Parents@Deloitte
- Wellbeing tips and activities powered by Energise@Deloitte
- Topped off with other health benefits and insurance opportunities
Empowering our employees with flexible work arrangements remains essential in today's reality:
- Hybrid workplace: combination of home office and on-site (+10 offices in Belgium or client's premises).
- Part-time employment: all our jobs are open to full-time or part-time work under a 90% or 80% regime.
Requirements
- Bachelor's degree in Information Security, Computer Science, or a related field, or equivalent experience gained through professional work.
- Several years of experience in information security compliance, risk management, or IT audit, ideally with direct exposure to ISO27001 certification processes and client compliance requirements.
- You have an excellent command of English and Dutch or French, both written and spoken.
- Relevant security certifications are preferred (e.g. CISM, CRISC, CISSP…).
- Proven experience in information security compliance, risk management
- Strong knowledge of ISO/IEC 27001 and practical experience maintaining certification.
- Good understanding of governance, risk, and compliance (GRC) frameworks.
- Excellent communication and interpersonal skills.
- Ability to work collaboratively with cross-functional teams.
- Experience with GRC tools (e.g. Eramba) is a plus.
About the company
Deloitte drives progress. Our firms around the world help our clients become market leaders wherever they compete. Deloitte invests in outstanding people with diverse talents and backgrounds, empowering them to achieve more than they can elsewhere. Our work combines consulting with action and integrity. We believe that when our clients and society are stronger, so are we.