Nexeo Belgium supports leading organizations in the banking, finance, insurance, and public sectors throughout their most critical transformation, risk, and cybersecurity initiatives.
We are currently looking for a IT & Cyber GRC Technical Consultant who wants to shape, evolve, and drive Governance, Risk and Compliance practices in a complex, regulated financial environment.
Why this role matters
You will join a mature IT & Cyber GRC practice supported by a centralized GRC platform, where your expertise will directly impact:
* Cybersecurity governance and risk management
* Regulatory compliance and audit readiness
* User adoption, operational excellence, and decision-making quality
This role goes beyond execution. You will challenge existing processes, influence key stakeholders, and drive meaningful change at both local and Group level.
Your impact
As an IT & Cyber GRC Technical Consultant – Expert, you will:
Shape and evolve GRC
* Design, improve, and operationalize Agile GRC processes aligned with regulatory requirements and Group standards
* Drive GRC tool evolutions from requirements to production, with a strong focus on quality and user experience
* Simplify complex GRC processes while preserving critical control interdependencies
Lead change and stakeholders
* Translate regulatory, business, and Group requirements into pragmatic, scalable GRC solutions
* Act as a trusted advisor for IT, Cyber, Risk, and business stakeholders
* Influence and contribute to Group-level GRC programs
* Lead Features, Opuses, and User Stories while managing cross-team dependencies
Enable users and decision-makers
* Design dashboards and reporting that support risk-based decision-making
* Onboard teams, deliver training, and maintain high-quality documentation
* Facilitate agile ceremonies to ensure transparency and alignment
What you bring
Experience and expertise
* Minimum 5 years of experience in IT & Cyber GRC, cyber risk, compliance, or control frameworks
* Strong cybersecurity foundation and understanding of corporate IT risk landscapes
* Proven experience in process design, stakeholder management, and consulting environments
Technical strength
* Solid IT background
* Hands-on experience with cloud services (SaaS, AWS, Microsoft 365, HSP)
* Knowledge of secure software development practices, OS and network security, PAM, and containerization
* Working experience with a GRC suite (ServiceNow GRC is a strong asset)
Regulatory and business knowledge
* Strong knowledge of security and risk frameworks (ISO 27001, NIST, SOC, OWASP)
* Familiarity with regulations such as GDPR, DORA, PSD2, EBA guidelines, PCI-DSS
* Experience in financial services or large corporate environments
Languages
* English: Fluent
* French: Fluent
* Dutch: an asset