afarax is looking for freelance consultants for a specific mission with a strong know-how in Information Security. We need your lights !


We are a Belgian based Team with a strong network of consultants and Companies active in various business sectors and facing the challenges of the Digital Transformation. The concept is very simple : Once you enter the ecosystem, you can access our projects and let us make your life a way easier.


The mission

Our client is looking for an IT and Cyber Risk Management Advisor to join their Risk and Compliance team.

Function description :

· You execute or support IT and security risk assessments in IT and business, scoping projects, or legacy assets (applications, business solutions, 3 rd -parties organization, processes…). Maintenance of identified risks in the risk registry database.

· You setup processes and procedures for an end to end IT and Cyber management for assets and Third-parties. – you perform security risk quality assurance from the creation to the closure.

· You deliver consulting on risk management to internal customers (IT and Business) :

o Accompany and challenge IT risk assessments performed by the Entities.

o Proposition or validation of measures to mitigate risks derived from assessments, security scans and penetration tests, defects from IT and Cyber controls plans, recommendations from 2nd and 3rd lines of defence, etc.

o Creation of detailed or synthetic risk reports, structured and formulated in line with BNP Paribas Group and IT and Cyber Risk Management best practices.

o Support in increasing risk control maturity by providing a valuable follow up and reporting

· You report risks and overall risk posture to Information Security, IT or Business Management

o Correlate risks across a portfolio of projects or activities; identify and propose transversal risk mitigating actions deriving from any risk source (assessments, control results, etc as described above)

o Create risk dashboards and reports for a management audience, in line with the defined risk appetite for the company

o Create on-pagers and synthetic risk reports for a management audience

· You manage customer relationship and are the Single Point Of Contact for the risk management services you deliver. You customize services to meet customer needs or expectations while ensuring compliance with risk management methodologies and guidelines.

· You contribute to definition and improvement of risk management methods and tools supporting those activities (risk identification guide, risk evaluation matrix, industrialization of risk monitoring and reporting framework and deliverables) taking into account your field experience as well as best practices coming from the BNP Paribas Group or other sources like regulators, Basel II, CobIT, ISO27000/31000 …

· You contribute to writing procedures and processes supporting risk management activities outlined above, for both an expert and non-expert audience. Experience on linking different ISMS and IT Risk processes is a must.

· You are the single point of contact for security matters related to the CIAT of our assets: business support, maintenance of procedures and tooling, regular reporting, integration of the security asset management in the overall asset management processes of the bank


Is this you ?

· Fluent in Dutch, French and English

· Bachelor/Master

· Security certifications like CISSP, CISM, CIPP, CCSK

· Professional experience in information security (5+ years)

· Experience in project management, process design and improvement

· Experience in Data protection, Business continuity, Access management

· Experience in IT and Cyber Assessments on assets and Third parties

· Experience in delivering presentations and training

· Significant experience in operational/IT and security risks management.

· Knowledge of control frameworks and audit methodologies.

· Significant experience in working with cloud services (SaaS, HSP, AWS)

· Knowledge of software development security best practices

· Experience in release management, change management, incident management, testing.

· Knowledge of Information Security and Risk Management frameworks (ISO27001, SOC, NIST, OWASP, etc.)

· Professional experience in information security (5+ years), particularly in Thirdparty management

· Strong IT background.

· Professional experience in Financial Services; used to work in large companies.


· High performer

· Autonomy, commitment, and perseverance in personal organization.

· Quick self-starter, pro-active attitude, team player.

· Results-oriented, responsible for his/her tasks, resourceful.

· Excellent English writing skills.

· Good communication and influencing skills.

· Good analytical and synthesis skills, ability to produce structured and concise documents, be precise and methodological.

· Ability to work in a dynamic and multi-cultural environment.

· Accurate & control minded, but flexible.

· Ability to capture and adapt to stakeholder expectations while respecting processes in place.

· Ability to mentor/coach people





How we support you ?

More projects on :



Include a message to the recruiters.
Attach a resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.
Back to list

We are uploading your application. It may take a few moments to read your resume. Please wait!