We are looking for Security / Cybersecurity Expert (ISO 27001 – NIS2).Location: Brussels, 2 days/office.Language: EN (FR or NL are an asset, not mandatory).Team: 5 colleagues (new team). Consultant will be working on the cyber security activitiesTasks: 80% technical (execution of the below indicated tasks), 20% communication with steerco and management reporting (good presentation, communication and organisation skills).Duration: aligned with ISO 27001 certification roadmap and ongoing security maturity objectives.Seniority: Medior - Senior (7-10 years).Contractor – Security / Cybersecurity Expert (ISO 27001 – NIS2)We are is strengthening Information Security and Cybersecurity Management, to support its business objectives and alignment with telecom partners.The contractor will play a key role in supporting and coordinating with its telecom operators, to enhance overall cybersecurity maturity, and achieve and maintain ISO 27001 certification.Mission & ObjectivesSupport the design, implementation, and continuous improvement of the Information Security Management System (ISMS) in line with ISO 27001 and NIS2 requirements.Ensure effective implementation of organizational, operational, and technical security measures.Coordinate security governance and operational security practices between us and telecom partners.Oversee and follow up on key security capability initiatives, such technical implementation projects and operational process definition & roll‑out (for example, SIEM, SOC, backup/restore, DR/BCP).Contribute to audit readiness and certification processes.1. Governance & ISMS ManagementDevelop, review, and maintainSecurity policiesStandards and guidelinesOperational security proceduresConduct and maintainRisk assessments and risk treatment plansStatement of Applicability (SoA)Asset inventory and classification frameworkEnsure documentation and evidence collection aligned with ISO 27001 requirements.Prepare and support internal and external audits.Coordinate management reviews and reporting.2. Organizational & Operational SecurityDefine and formalize security roles and responsibilities.Implement and improve:Access management processesVulnerability management lifecycleSupplier security managementSupport awareness and training initiatives.3. Technical Security OversightProvide expert guidance and follow‑up for technical security implementations, including:Backup & restore platform implementation and validationSIEM platform deployment and use‑case developmentSOC setup or improvement (internal or external model)Vulnerability scanning and remediation trackingDisaster Recovery (DR) and Business Continuity (BCP) framework implementationHardening standards and secure configuration baselinesThe contractor is not necessarily expected to perform hands‑on configuration but must be deeply involved in:Challenging technical design decisionsValidating security architecture choicesEnsuring traceability to risk treatment plansVerifying control effectiveness4. Security Capability DevelopmentDefine and enhance:Security monitoring capabilitiesThreat detection and response processesBusiness continuity and disaster recovery scenariosEnsure integration between governance framework and technical capabilities.Establish KPIs and reporting mechanisms for security performance.Documented operational proceduresOversight reports for technical security projectsRisk assessment and treatment documentationSecurity roadmap and maturity improvement planISO 27001‑compliant ISMS documentationStatement of ApplicabilityYour profileExperienceAverage 7‑10 years of experience in cyber‑security and information security management.Proven experience in ISO 27001 implementation and certification support.Experience in telecom or highly regulated environments is a strong asset.Experience working in multi‑stakeholder environments (internal teams + operators/partners).Technical & Functional CompetenciesStrong knowledge of:ISO 27001 and ISO 27002 controlsNIS2 frameworkSecurity governance frameworksBackup, DR, and BCP frameworksVulnerability management processesAbility to bridge governance and technical implementation.Strong documentation and structuring skills.Audit experience (internal or external).Soft SkillsAutonomous and structured.Strong stakeholder management capabilities.Ability to work at strategic and operational levels.Clear communicator (technical and executive audiences).
#J-18808-Ljbffr