Junior Security Consultant ISO (Information Security Officer)
Preferred Start Date: 1 July 2026 for initial contract of 12 months plus extensions.
Location Brussels-Hybrid
Position Overview
The Information Security Officer (ISO) supports and advises process owners and team leaders on information security matters and monitors the implementation of security measures throughout the organization.
The role focuses on ensuring compliance with information security policies, identifying security risks, supporting audits, and translating organizational security requirements into practical controls and procedures.
Key Responsibilities
* Advise and support team leaders and process owners in implementing information security policies.
* Monitor compliance with security measures, controls, and procedures.
* Identify, assess, and report information security risks.
* Translate central information security policies into concrete measures for specific departments or domains.
* Support security audits and certification initiatives (e.g., ISO/IEC 27001).
* Analyze, optimize, and document security processes and governance structures.
Required Qualifications
Mandatory Requirements
* Certified ISO 27001 Implementer/Auditor or NIS2 Implementer.
* Demonstrable experience as a Security Consultant in one or more of the following areas:
* Data security
* Infrastructure security
* Application security
* Other relevant security domains
* At least 1 year of experience with ISO 27001.
* At least 1 year of experience with security management techniques and/or frameworks, such as:
* ISO 27000 series
* CyFun
* NIST
* CIS Critical Security Controls
* Demonstrable knowledge of information security.
* Experience analyzing, optimizing, and documenting security processes and governance.
* Signed NDA (Non-Disclosure Agreement) must be submitted.
* Native-level Dutch proficiency (CEFR C2).
Preferred Qualifications
* Experience working in Agile/Scrum environments.
* Experience with NIS2 implementation.
* Experience with security frameworks and standards such as:
* ISO 27000 series
* COBIT for Security
* NIST
* OWASP
* CIS Critical Security Controls for Effective Cyber Defense
* Demonstrable expertise in specific information security domains, such as:
* Information Security Management System (ISMS) implementation
* Vulnerability assessments and penetration testing
* Application security optimization using cost-effective solutions
* Privileged Access Management (PAM) implementation
* Encryption solution implementation
* Relevant security certifications depending on specialization, such as:
* CISM
* CISSP
* CEH
Seniority Level
Junior
Languages
* Dutch (CEFR Level C2) – Mandatory