IT and Cyber Third Party Risk Assessor Senior

Keystone Solutions
Brussels, Belgium
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
Dutch, English, French
Experience level
Senior

Job location

Remote
Brussels, Belgium

Tech stack

Control Objectives for Information and Related Technology (COBIT)
Computer Security
Databases
Identity and Access Management
Open Web Application Security

Job description

This opportunity is a consultancy mission at a client site, where you will represent Keystone Solutions as an IT and Cyber Third Party Risk Assessor - Senior. As a Keystone Solutions consultant, you will be engaged in dynamic projects, working on-site and collaborating with client teams to deliver high-impact results while embodying our core values.

As an IT and Cyber Third Party Risk Assessor, you will support IT and Business Units in developing robust operational risk management practices, with a focus on Information Security. Your responsibilities, carried out under Keystone Solutions' consultancy model, include:

  • Identifying operational IT and Cyber risks on assets, applications, projects, and third parties.
  • Advising, consulting, monitoring, and reporting on risk treatment to optimize risk exposure and costs for IT and Business.
  • Elaborating and managing the implementation of flexible strategies to reduce IT and Information Security risks in line with group policies.

Function Description:

  • Executing IT and security risk assessments for IT and business, including projects and legacy assets (applications, business solutions, third-party organizations, processes), and maintaining identified risks in the risk registry database.
  • Ensuring information security and IT requirements are included in third-party contracts.
  • Executing information security and IT control plans on third parties to ensure contractual compliance.
  • Coordinating and performing IT and security audits on third parties.
  • Setting up processes and procedures for end-to-end IT and security management for third parties.
  • Delivering consulting on risk management to internal customers (IT and Business).
  • Reporting risks and overall risk posture regarding third parties to Information Security, IT, or Business Management.
  • Contributing to the definition and improvement of risk management methods and tools, leveraging field experience and best practices (including regulatory frameworks such as Basel II, COBIT, ISO27000/31000).

  • As a consultant, you will experience a variety of challenges across diverse client environments, accelerating your professional growth.
  • Our dynamic projects offer turbo-charged learning and broad exposure to the latest industry practices.
  • We are committed to your career development and ambition, providing a framework for you to reach new heights.
  • Being a "K-Stone" means bringing our core values (excellence, integrity, and collaboration) to every engagement.

Requirements

  • Bachelor's or Master's degree, or equivalent experience.
  • Security certifications such as CISSP, CISM, CIPP, CCSK are valued.

Languages:

  • Fluency in French or Dutch is required.
  • Good command of English is necessary.

Work Location & Telework:

  • Based in Brussels, with an expectation of 50% on-site and 50% homeworking.

Required Knowledge & Experience:

  • At least 3 years of relevant experience in IT Risk Management.
  • Significant experience in operational/security risk management.
  • Knowledge of control frameworks and audit methodologies.
  • Knowledge of Information Security and Risk Management frameworks (ISO27001, SOC, NIST, OWASP, etc.).
  • Strong IT background.

Preferred Experience:

  • Security certifications such as CISSP, CISM, CIPP, CCSK.
  • Professional experience in Financial Services and large companies.
  • Experience in process design and improvement.
  • Experience in third-party IT and security assessments.
  • Experience in data protection, business continuity, and access management.
  • Experience in delivering presentations and training.

Soft Skills:

  • Good autonomy and personal effectiveness.
  • Strong verbal and listening communication skills.
  • Ability to analyze situations and synthesize information.
