IT and Cyber Risk Management professional

afarax is looking for freelance consultants with specific experience with Information Security. We need your lights !

We are a team of consultants based in Belgium with a solid network of companies active in various sectors and facing the challenges of digital transformation. Our concept is very simple: once you're in the ecosystem, you can access our projects and we'll make your life easier.

The mission

Our client is looking for an IT and Cyber Risk Management professional to join their team.

Function description:

• You execute IT and security risk assessments in IT and business contexts (applications, business solutions, 3rd-parties organization, processes…).
• You execute information security and IT control plans on third parties to ensure that they are performing according to signed contracts.
• You coordinate and perform IT and security audits on third parties.
• You create one-pagers and synthetic risk reports for a management audience
• You set up processes and procedures for an end to end IT and security management for third-parties.
• You deliver consulting on IT and Cyber risk management to internal customers (IT and Business)
• You manage customer relationship and are the Single Point Of Contact for the risk management services you delivered.
• You contribute to definition and improvement of risk management methods and tools on the third-party management area.
• You contribute to writing processes and procedures supporting risk management activities outlined above, for both an expert and non-expert audience. Experience on linking different ISMS processes is a must.
• You are knowledgeable on CIAT topic and able to adapt to the way this is applied in the bank for third-party suppliers.
• You review IT and security contractual clauses for suppliers servicing bank activities.

Is this you ?

• Fluent in French, English and Dutch
• Bachelor/Master or equivalent by experience
• CISSP, CISM, CIPP, CCSK, ISO27001, ...
• Professional experience in information security (5+ years)
• Experience in process design and Business analysis
• Experience in Third-party IT and security assessments
• Experience in risk management
• Experience in delivering presentations and training
• Significant experience in operational/security risks management.
• Significant experience in working with cloud services (SaaS, HSP, AWS)
• Strong MS Office Skills (Excel, word, Powerpoint)
• Knowledge of software development security best practices
• Experience in release management, change management, incident management, testing
• Security certifications like CISSP, CISM, CIPP, CCSK.
• Experience with RSA Archer and/or ServiceNow GRC.
• Experience in vulnerability management and penetration testing
• Knowledge of control frameworks and audit methodologies
• Knowledge of Information Security and Risk Management frameworks (ISO27001, SOC, NIST, OWASP, etc.)
• Professional experience in information security (5+ years), particularly in cloud based solutions
• Strong IT background
• Professional experience in Financial Services used to work in large companies
• Experience in reviewing and amending IT and Cyber Third-party clauses in contracts
• Experience in the banking environment

How we support you ?

• We’ll help and support on the project.
• You’ll benefit from our network and challenges.
• We offer a possibility to build a valuable and easy partnership.
• You’ll have the possibility to be heard and share your knowledge.
• You’ll access missions that fit your current expertise or you can challenge yourself to learn new things.

More projects on : https://afarax.be/jobs/type/freelance/