afarax is looking for freelance consultants for a specific mission with a strong know-how in Information Security. We need your lights !
We are a Belgian based Team with a strong network of consultants and Companies active in various business sectors and facing the challenges of the Digital Transformation. The concept is very simple : Once you enter the ecosystem, you can access our projects and let us make your life a way easier.
The mission
Our client is looking for a skilled Subject Matter Expert Security to join their team.
Function description :
- You perform securityrisk quality assurance from the creation to the closure of the risk
- You deliveradvice and support on risk management to internal customers (IT and Business) : this means:
- Accompany and challenge IT risk assessments performed by the Entities.
- Propose or validate measures to mitigate risks derived from assessments, security scans and penetration tests, defects from IT and Cyber controls plans, recommendations from 2nd and 3rd lines of defence, etc.
- Create detailed or synthetic risk reports, in line with BNP Paribas Group and IT and Cyber Risk Management best practices.
- Increase risk control maturity by providing a valuable follow up and reporting.
- You report risks and overall risk posture to Information Security, IT or Business Management
- Identify and propose transversal risk mitigating actions
- Create risk dashboards and reports for a management audience, in line with the risk appetite for the company.
- Create one-pagers and risk reports for a management audience.
- You build a customer relationship as the Single Point Of Contact for the risk management services you deliver.
- You contribute to improve the risk management methods and tools taking into account your field experience as well as best practices coming from the BNP Paribas Group or other sources like regulators, Basel II, CobIT, ISO27000/31000 …
- You contribute to writing procedures and processes supporting the risk management activities outlined above, for both an expert and non-expert audience.
- You are the single point of contact for security matters related to the Information asset and the CIAT rating of our assets, whilst providing business support, maintaining and updating procedures and tooling, and integrating the security asset management in the overall asset management processes of the bank.
Is this you ?
- Fluent in Dutch, French & English
- Master or equivalent by experience
- Security certifications like CISSP, CISM, CIPP, CCSK
- Professional experience in information security (5+ years)
- Experience in project management, process design and improvement
- Experience in Data protection, Business continuity, Access management
- Experience in IT and Cyber Assessments on assets, processes or Third-parties
- Experience in delivering presentations and training
- Significant experience in operational/IT and security risks management (+5 years).
- Knowledge of control frameworks and audit methodologies.
- Significant experience in working with cloud services (SaaS, HSP, AWS, Microsoft 365))
- Knowledge of software development security best practices, network/OS security, PAM.
- Experience in IT release management, change management, incident management, testing
- Experience in vulnerability management, patching management, hardening, Identity & Access Management
- Knowledge of Information Security and Risk Management frameworks (ISO27001, SOC, NIST, OWASP, etc.)
- Professional experience in Financial Services; used to work in large companies.
- High performer
- Autonomy, commitment and perseverance in personal organization.
- Quick self-starter, pro-active attitude, team player.
- Results-oriented, responsible for his/her tasks, resourceful.
- Excellent English writing skills.
- Good communication and influencing skills.
- Good analytical and synthesis skills, ability to produce structured and concise documents, be precise and methodological.
- Ability to work in a dynamic and multi-cultural environment.
- Accurate & control minded, but flexible.
- Ability to capture and adapt to stakeholder expectations while respecting processes in place.
- Ability to mentor/coach people.
How we support you ?
- We’ll help and support on the project.
- You’ll benefit from our network and challenges.
- We offer a possibility to build a valuable and easy partnership.
- You’ll have the possibility to be heard and share your knowledge.
- You’ll access missions that fit your current expertise or you can challenge yourself to learn new things.
More projects on : https://afarax.be/jobs/type/freelance/