CISO aS a consultant

afarax
Wezembeek-Oppem, Belgium
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
Dutch, English, French

Job location

Wezembeek-Oppem, Belgium

Tech stack

Amazon Web Services (AWS)
Azure
Cloud Computing Security
Identity and Access Management
Network Security
PRINCE2
Security Information and Event Management

Job description

  • Build awareness on how much risk an organization has around cybersecurity;
  • Support the entity in developing a multi-year cybersecurity strategy/roadmap aligned with the client's standards and Belgian/EU regulatory expectations;
  • Provide on-demand advise and expertise to the entity wrt. cyber risks and investment priorities;
  • Support the client's subsidiaries in breaking down complex security requirements in a hands-on and pragmatic manner;
  • Ensure progress is made through rigorous status follow-up of remediation actions, identify issues, collaborate toward resolution;
  • Facilitate collaboration between various departments within the entity, with the client and third party service providers;
  • Ensure that entity's input is aggregated in a concise, high quality end deliverable that can be shared with Senior Management and is supported by a communication kit.

Requirements

  • Relevant professional certifications (e.g. CISSP, CISA, CRISC) needed and familiarity with project management and change management frameworks are considered a plus (e.g. Prince2, ITIL, ADKAR)
  • Fluent in English, Dutch and French
  • Proven track record in designing and implementing enterprise security programs in complex, regulated environments;
  • Expertise in EU cyber regulations (DORA, NIS2, EBA/ECB guidelines) and international standards (ISO 27001, NIST CSF).
  • Solid analytical skills; ability to break-down complex issues into their key components; strong deductive reasoning (a.o. ability to map regulations to security controls/measures); ability to draw conclusions from a combination of evidence and assumptions.

Hands-On Security Guidance - ability to provide tactical support on:

  • Cloud security (AWS/Azure architectures)

  • Identity & Access Management (IAM) frameworks

  • SIEM/EDR deployment & threat intelligence integration

  • Network security & basic IT hygiene (a.o. vulnerability and patch mgmt.)

  • Highly skilled in effectively communicating complex technical concepts to diverse audiences, from C-level executives to technical specialists;

  • Strong business acumen and customer-oriented;

  • Good analytical and synthesis skills;

  • Factual, results-oriented/outcome-driven and pro-active;

  • Self-starter capable of independent problem-solving with minimal oversight;

  • Ability to work in a complex environment - spanning multiple departments, entities and 3rd parties involved;

  • Ability to overcome set-backs and difficulties; seeks (and finds) solutions.

Apply for this position