Risk Management Advisor

Cyber Security Analyst – Risk & Security Advisory

We are looking for a Cyber Security Analyst to strengthen our risk management team in Brussels. This role focuses on performing and communicating security risk assessments across the entire organization. You will help ensure business-critical projects and infrastructure remain secure – whether they involve cloud, networks, applications, or financial platforms.

Security is a core enabler of business resilience, and your work will directly support compliance, secure project delivery, and the protection of critical assets.

Your Responsibilities

• Lead and support security risk assessments at organizational and project level, identifying potential threats and ensuring appropriate mitigation measures.
• Act as a key member of the risk management function, advising business and IT stakeholders on security risks, best practices, and regulatory impacts.
• Actively communicate risks to both technical teams and senior management, ensuring clarity and buy-in across diverse stakeholder groups.
• Translate high-level security policies and architecture principles into practical requirements for IT and business projects (secure by design).
• Contribute to architectural reviews, validating designs against defined security requirements.
• Define test requirements for security validation and support penetration testing activities.
• Provide consultancy across different risk domains, such as cloud (IaaS/PaaS/SaaS), application security, network and infrastructure security, or financial platforms.
• Advise on improved security services, processes, and governance within the wider organization.

Your Profile

• University degree in Computer Science, Engineering, or related field.
• Proven experience in security risk assessment and the ability to translate risks into business and technical requirements.
• Familiarity with best practices in domains like identity & access management, application security, network security, or data protection.
• Background in application security (OWASP, secure coding principles, CI/CD environments, or code scanning tools) is an advantage.
• Solid understanding of at least one of the following areas:
• Cloud platforms (IaaS/PaaS/SaaS)
• Network & infrastructure security
• Financial infrastructure or regulated industries
• Application security
• You bring security expertise without being hands-on engineering – your daily role is to assess, advise, document, and communicate rather than configure systems.
• Effective communicator able to bridge the gap between technical teams and business leaders.
• Strong organizational, analytical, and problem-solving skills.
• Professional certifications such as CISSP, GIAC, SABSA, or ISO 27001 Lead Auditor/Implementer are an asset.
• Fluent in English; additional languages are a plus.