Cyber Security Officer
Location:
Zaventem
Start Date:
ASAP
Duration:
3 months with possible extensions
Work Schedule:
Part-time, 3 days per week (2 days on-site)
Language Requirements:
English
Key Responsibilities:
Technical Risk Decomposition:
Identify security vulnerabilities by deconstructing complex project architectures and data flows. Utilize OWASP Risk Rating Methodology for application-level threats and ISO 27005 for systemic IT risks.
Cross-Functional Collaboration:
Work with Architects and DevOps teams to integrate security controls without affecting delivery speed.
Compliance Oversight:
Ensure compliance with internal security policies and regulations, including GDPR and NIS2, throughout the project lifecycle.
Architecture Deep-Dives:
Analyze software design, including APIs and micro‑services, to detect flaws as per the OWASP Top 10.
Third‑Party Security:
Conduct security reviews of external contracts and assess critical service providers.
On‑site Stakeholder Engagement:
Lead workshops with Architects and Product Owners to translate regulatory requirements into technical controls.
Reporting:
Convert technical risks into actionable business insights for management and steering committees.
Key Performance Indicators:
Assessment Coverage:
Analyze critical projects before production "Go-Live."
Remediation Rate:
Address or formally accept high‑risk findings.
Risk Prediction Reliability:
Ensure no major security vulnerabilities are discovered in production that were not identified during the GRC assessment phase.
Turnaround Time:
Minimize the duration between project intake and the finalization of the security risk report.
Skills Required:
Availability & Location:
Commit to a 3‑day work week with at least 2 days on-site.
Framework Mastery:
Expertise in Cyber frameworks (ISO 27001/27002/27005, NIST) and the NIS2 directive.
Technical Risk Expertise:
Proficient in applying OWASP Risk Rating Methodology and performing technical architecture reviews, particularly in Cloud/GCP environments.
Analytical Mindset:
Ability to identify risks and find hidden gaps in technical documentation.
Communication:
Fluent in English, capable of simplifying complex security issues for non‑technical stakeholders.
Experience:
Minimum of 5 years in Cyber Security, specifically in a GRC or Security Architecture role.