IT and Cyber Risk Management Professional

This opportunity is a consultancy mission at a client site, where you will represent Keystone Solutions as an IT and Cyber Risk Management professional. As a Keystone Solutions consultant, you will be engaged in dynamic projects, working on-site with our client to deliver expert risk management services while embodying the values and ambition of a true K-Stone., * Execute IT and security risk assessments in IT and business contexts, including applications, business solutions, third-party organizations, and processes.

• Implement information security and IT control plans on third parties to ensure compliance with contractual agreements.
• Coordinate and perform IT and security audits on third parties.
• Create one-pagers and synthetic risk reports for management audiences.
• Establish processes and procedures for end-to-end IT and security management for third parties.
• Deliver consulting on IT and Cyber risk management to internal customers, including proposing or validating risk mitigation measures, creating detailed or synthetic risk reports, and supporting increased risk control maturity through follow-up and reporting.
• Manage customer relationships and act as the Single Point Of Contact for delivered risk management services.
• Contribute to the definition and improvement of risk management methods and tools, particularly in third-party management.
• Draft processes and procedures supporting risk management activities for both expert and non-expert audiences, with experience linking different ISMS processes.
• Demonstrate knowledge of CIAT topics and adapt to their application for third-party suppliers.
• Review IT and security contractual clauses for suppliers servicing client activities., * As a consultant, you will experience a variety of challenges across different client environments, ensuring continuous professional growth.
• Keystone Solutions is committed to turbo-charged learning, offering broad learning experiences and professional development opportunities.
• We foster skyrocketing ambition, supporting your career growth within a dynamic consultancy framework.
• Being a K-Stone means bringing our core values-excellence, integrity, and collaboration-to every engagement.

Do you have experience in Writing skills?, Do you have a Master's degree?, * Dutch: Fluent

• French: Fluent (Mandatory)
• English: Fluent (Mandatory)

Education:

• Bachelor/Master degree or equivalent by experience

Certifications:

• Optional: CISSP, CISM, CIPP, CCSK, ISO27001, or similar

Telework:

• Expectation: 50% on site & 50% homeworking

Required Experience / Knowledge:

• Professional experience in information security (5+ years)
• Experience in process design and business analysis
• Experience in third-party IT and security assessments
• Experience in risk management
• Experience delivering presentations and training

Technical Experience:

• Mandatory: Significant experience in operational/security risk management, working with cloud services (SaaS, HSP, AWS), strong MS Office skills (Excel, Word, PowerPoint), knowledge of software development security best practices, experience in release management, change management, incident management, and testing
• Preferable: Security certifications (CISSP, CISM, CIPP, CCSK), experience with RSA Archer and/or ServiceNow GRC, experience in vulnerability management and penetration testing, knowledge of control frameworks and audit methodologies

Business Experience:

• Mandatory: Knowledge of Information Security and Risk Management frameworks (ISO27001, SOC, NIST, OWASP, etc.), professional experience in information security (5+ years), particularly in cloud-based solutions, strong IT background, experience in financial services and large companies, experience reviewing and amending IT and Cyber third-party clauses in contracts
• Preferable: Experience in a banking environment

Soft Skills:

• High performer
• Autonomy, commitment, and perseverance in personal organization
• Quick self-starter, pro-active attitude, team player
• Results-oriented, responsible, resourceful
• Excellent English writing skills
• Good communication and influencing skills
• Strong analytical and synthesis skills, ability to produce structured and concise documents, precision, and methodological approach
• Ability to work in a dynamic and multi-cultural environment
• Accurate and control-minded, but flexible
• Ability to capture and adapt to stakeholder expectations while respecting established processes
• Ability to mentor and coach others