PpWe are looking for Security / Cybersecurity Expert (ISO 27001 – NIS2). /p /brpLocation: Brussels, 2 days/office. /p /brpLanguage: EN (FR or NL are an asset, not mandatory). /p /brpTeam: 5 colleagues (new team). Consultant will be working on the cyber security activities /p /brpTasks: 80% technical (execution of the below indicated tasks), 20% communication with steerco and management reporting (good presentation, communication and organisation skills). /p /brpDuration: aligned with ISO 27001 certification roadmap and ongoing security maturity objectives. /p /brpSeniority: Medior - Senior (7-10 years). /p /brpContractor – Security / Cybersecurity Expert (ISO 27001 – NIS2) /p /brpWe are is strengthening Information Security and Cybersecurity Management, to support its business objectives and alignment with telecom partners. /p /brpThe contractor will play a key role in supporting and coordinating with its telecom operators, to enhance overall cybersecurity maturity, and achieve and maintain ISO 27001 certification. /p /brh3Mission Objectives /h3 /brul /brliSupport the design, implementation, and continuous improvement of the Information Security Management System (ISMS) in line with ISO 27001 and NIS2 requirements. /li /brliEnsure effective implementation of organizational, operational, and technical security measures. /li /brliCoordinate security governance and operational security practices between us and telecom partners. /li /brliOversee and follow up on key security capability initiatives, such technical implementation projects and operational process definition roll‑out (for example, SIEM, SOC, backup/restore, DR/BCP). /li /brliContribute to audit readiness and certification processes. /li /br /ul /brh31. Governance ISMS Management /h3 /brul /brliDevelop, review, and maintain /brul /brliSecurity policies /li /brliStandards and guidelines /li /brliOperational security procedures /li /br /ul /br /li /brliConduct and maintain /brul /brliRisk assessments and risk treatment plans /li /brliStatement of Applicability (SoA) /li /brliAsset inventory and classification framework /li /br /ul /br /li /brliEnsure documentation and evidence collection aligned with ISO 27001 requirements. /li /brliPrepare and support internal and external audits. /li /brliCoordinate management reviews and reporting. /li /br /ul /brh32. Organizational Operational Security /h3 /brul /brliDefine and formalize security roles and responsibilities. /li /brliImplement and improve: /brul /brliAccess management processes /li /brliVulnerability management lifecycle /li /brliSupplier security management /li /br /ul /br /li /brliSupport awareness and training initiatives. /li /br /ul /brh33. Technical Security Oversight /h3 /brul /brliProvide expert guidance and follow‑up for technical security implementations, including: /brul /brliBackup restore platform implementation and validation /li /brliSIEM platform deployment and use‑case development /li /brliSOC setup or improvement (internal or external model) /li /brliVulnerability scanning and remediation tracking /li /brliDisaster Recovery (DR) and Business Continuity (BCP) framework implementation /li /brliHardening standards and secure configuration baselines /li /br /ul /br /li /brliThe contractor is not necessarily expected to perform hands‑on configuration but must be deeply involved in: /brul /brliChallenging technical design decisions /li /brliValidating security architecture choices /li /brliEnsuring traceability to risk treatment plans /li /brliVerifying control effectiveness /li /br /ul /br /li /br /ul /brh34. Security Capability Development /h3 /brul /brliDefine and enhance: /brul /brliSecurity monitoring capabilities /li /brliThreat detection and response processes /li /brliBusiness continuity and disaster recovery scenarios /li /br /ul /br /li /brliEnsure integration between governance framework and technical capabilities. /li /brliEstablish KPIs and reporting mechanisms for security performance. /li /brliDocumented operational procedures /li /brliOversight reports for technical security projects /li /brliRisk assessment and treatment documentation /li /brliSecurity roadmap and maturity improvement plan /li /brliISO 27001‑compliant ISMS documentation /li /brliStatement of Applicability /li /br /ul /brh3Your profile /h3 /brh3Experience /h3 /brul /brliAverage 7‑10 years of experience in cyber‑security and information security management. /li /brliProven experience in ISO 27001 implementation and certification support. /li /brliExperience in telecom or highly regulated environments is a strong asset. /li /brliExperience working in multi‑stakeholder environments (internal teams + operators/partners). /li /br /ul /brh3Technical Functional Competencies /h3 /brul /brliStrong knowledge of: /brul /brliISO 27001 and ISO 27002 controls /li /brliNIS2 framework /li /brliSecurity governance frameworks /li /brliBackup, DR, and BCP frameworks /li /brliVulnerability management processes /li /br /ul /br /li /brliAbility to bridge governance and technical implementation. /li /brliStrong documentation and structuring skills. /li /brliAudit experience (internal or external). /li /br /ul /brh3Soft Skills /h3 /brul /brliAutonomous and structured. /li /brliStrong stakeholder management capabilities. /li /brliAbility to work at strategic and operational levels. /li /brliClear communicator (technical and executive audiences). /li /br /ul /p #J-18808-Ljbffr