Please find below details about the role:
Job Title: Security Consultant
Contract Duration: 06 months
Location: Brussels, Belgium
Working Environment: Hybrid; 2-3 days per week onsite
Start date: ASAP
Languages: English C1 + Dutch C2
Role Summary:
We are looking for an experienced Information Security Officer / Security Consultant to support our client.
Our client's mission is to develop a coherent, government-wide information policy and support the transition to a data-driven administration.
The Information Security Officer will be part of the Security & Risk Team within the IT platform and will contribute to:
* Internal ISMS implementation
* The overarching Flemish information security policy (ICR framework)
Role Purpose:
* Implement and oversee information security across the organization
* Translate organisational security needs into effective controls and measures
* Develop and maintain security plans, risk analyses, incident registers, tools, training, and evaluations
* Perform and facilitate risk analyses at strategic, tactical, and asset levels
* Monitor and report information security risks
* Initiate and manage information security and awareness projects
* Act as subject-matter expert for internal and external stakeholders
* Maintain a documented knowledge base for information security
Skills & Experience:
* Proven experience as a Security Consultant in one or more of the following domains: data, infrastructure, applications
* Demonstrated expertise in a specific information security domain, e.g.:
-Implementing information security management processes
-Conducting vulnerability assessments and pentests
-Optimising application security using cost-effective methods
-Implementing Privileged Access Management (PAM)
-Deploying encryption solutions
* Proven experience in analysing, optimising, and documenting security processes and governance
* Hands-on experience with security management techniques and/or frameworks, e.g.: ISO 27000 series, COBIT for Security, NIST, OWASP, CIS Critical Security Controls
* Relevant certifications depending on domain expertise (CISM, CISSP, CEH)
* Experience developing an information security policy and ISMS aligned with ISO 27001
* Experience in security risk management, including quantitative and qualitative risk assessments
* Experience in the public sector (preferably Flemish or Belgian administration)
* Experience with security audits and compliance assessment methodologies.