Responsibilities
As a GRC Officer within the CISO team, you will be responsible for managing and improving the Governance, Risk and Compliance processes of our organization. You will work closely with various internal and external stakeholders to ensure a seamless integration of risk management and compliance within all layers of the organization. Your main task is to ensure that our organization complies with relevant laws and regulations, including NIS2 and GDPR, and that our internal processes and procedures are constantly adapted to the latest developments in information security and risk management. Contributing to or co-developing, implementing, and maintaining an effective Information Security Management System (ISMS) and risk management program to protect the organization's sensitive information, ensure compliance with relevant regulations, and minimize security risks is also part of this.
Core skills
Knowing and protecting compliance with applicable policies and legislation
Information Security Management
Information Risk Management
CISO Security Solutions & Services
Governance, Policies & Awareness around information security and data protection
Coordination, Management or Support of one or more projects and initiatives within the CISO departments
Reporting on the CISO domains and security findings
The follow-up of IT Compliance
Keeping one's own knowledge up-to-date and expanding one's own knowledge
Keeping records, processing data and ensuring their quality and completeness
Supporting colleagues within the CISO domain
Knowledge
Minimum knowledge level: Master's or equivalent through experience
ISO 27001-27005, NIST Cybersecurity Frameworks
Extensive knowledge of NIS2, GDPR and other relevant laws and regulations.
Information Security Management Systems
Information Security Principles and Standards
Knowledge of cybersecurity and privacy standards, frameworks, policies, regulations, legislation, certifications and best practices
Risk Management Frameworks (FAIR)
GRC-Tooling
Experience
Relevant work experience of 5 to 10 years, of which at least 5 years of experience in a similar position within Governance, Risk & Compliance, preferably within a complex business environment.
Experience in risk assessment, vulnerability management, and security incident response.
Proven experience with project management and leading large-scale projects within a GRC context incl. budgeting and presentation experience for senior management (+5 years)
Security experience, risk management experience, and delivery of ISMS audit evidence (+5 years)
Practical
English + NL or FR
2 days in the office
Anderlecht
Computer Futures is a Staffing and Recruitment firm for IT roles in Belgium.