afarax is looking for freelance consultants for a specific mission with a strong know-how in Information Secuirty. We need your lights !
We are a team of consultants based in Belgium with a solid network of companies active in various sectors and facing the challenges of digital transformation. Our concept is very simple: once you're in the ecosystem, you can access our projects and we'll make your life easier.
The mission
Our client is looking for an IT & Cyber Risk Management Consultant to strengthen their team.
Function description:
- You execute IT and security risk assessments in IT and business contexts (applications, business solutions, 3rd-parties organization, processes…).
- You execute information security and IT control plans on third parties to ensure that they are performing according to signed contracts.
- You coordinate and perform IT and security audits on third parties.You create one-pagers and synthetic risk reports for a management audience
- You set up processes and procedures for an end to end IT and security management for third-parties.
- You deliver consulting on IT and Cyber risk management to internal customers (IT and Business)
- You manage customer relationship and are the Single Point Of Contact for the risk management services you delivered.
- You contribute to definition and improvement of risk management methods and tools on the third-party management area.
- You contribute to writing processes and procedures supporting risk management activities outlined above, for both an expert and non-expert audience. Experience on linking different ISMS processes is a must.
- You are knowledgeable on CIAT topic and able to adapt to the way this is applied in the bank for third-party suppliers.
- You review IT and security contractual clauses for suppliers servicing bank activities.
Is this you ?
- Fluent in French, English and Dutch
- Bachelor/Master or equivalent by experience
- CISSP, CISM, CIPP, CCSK, ISO27001
- Professional experience in information security (5+ years)
- Experience in process design and Business analysis
- Experience in Third-party IT and security assessments
- Experience in risk management
- Experience in delivering presentations and training
- Significant experience in operational/security risks management.
- Significant experience in working with cloud services (SaaS, HSP, AWS)
- Strong MS Office Skills (Excel, word, Powerpoint)
- Knowledge of software development security best practices
- Experience in release management, change management, incident management, testing.
- Security certifications like CISSP, CISM, CIPP, CCSK.
- Experience with RSA Archer and/or ServiceNow GRC.
- Experience in vulnerability management and penetration testing
- Knowledge of control frameworks and audit methodologies.
- Knowledge of Information Security and Risk Management frameworks (ISO27001, SOC, NIST, OWASP, etc.)
- Professional experience in information security (5+ years), particularly in cloud based solutions
- Strong IT background.
- Professional experience in Financial Services. used to work in large companies.
- Experience in reviewing and amending IT and Cyber Third-party clauses in contracts
- Experience in banking environment.
How we support you ?
- We’ll help and support on the project.
- You’ll benefit from our network and challenges.
- We offer a possibility to build a valuable and easy partnership.
- You’ll have the possibility to be heard and share your knowledge.
- You’ll access missions that fit your current expertise or you can challenge yourself to learn new things.
More projects on : https://afarax.be/jobs/type/freelance/
