We're hiring: Cybersecurity Risk & Compliance Officer (TPRM)
For one of our key clients in the Brussels region, we are looking for a Cybersecurity Risk & Compliance Officer with a strong focus on Third Party Risk Management (TPRM).
In this role, you will play a key part in ensuring a secure and resilient digital ecosystem within a critical infrastructure environment.
Practical details
* Location: Brussels region (2 days onsite / week)
* Start date: ASAP
* Long-term assignment
Your role
You will be responsible for managing cybersecurity risks related to third parties (suppliers, partners, service providers) and ensuring that security requirements are properly integrated into procurement and tendering processes.
You will act as a bridge between cybersecurity, procurement, legal, and business teams to ensure risks are identified, assessed, and controlled throughout the full lifecycle of third-party relationships.
Key responsibilities
Third Party Risk Management (TPRM)
* Define, maintain, and improve the third-party cybersecurity risk framework
* Assess risks based on supplier questionnaires, certifications, audits, and architectures
* Define and monitor mitigation plans and risk acceptance
Procurement & Tender Support
* Integrate cybersecurity requirements into RFI, RFQ, RFP and tender processes
* Evaluate supplier proposals from a security and compliance perspective
* Collaborate with stakeholders to define security conditions and commitments
Reporting & Continuous Improvement
* Monitor and report on third-party risks and security assessments
* Provide insights and recommendations to senior stakeholders
* Contribute to continuous improvement of processes and frameworks
Your profile
* Minimum 5 years of experience in cybersecurity, with focus on one or more of the following:
* Third Party Risk Management
* GRC / Compliance
* Security Assurance or Audit
* Strong knowledge of frameworks such as ISO 27001/27002, NIS2, GDPR, ISO 27036
* Experience with procurement processes (RFI, RFQ, RFP) is a strong plus
* Ability to assess architectures and translate risks into actionable insights
* Strong analytical and communication skills
Languages
* Dutch or French: C1/native
* Other national language: minimum B2
* English: C1
Education
* Master's degree (or Bachelor with relevant experience) in IT, Security, Risk or similar
Interested or know someone who might be a fit? Feel free to reach out or send me a message!