Duration
09/02/2026 – 31/10/ months, full time)
Overview
The Third-Party Risk Manager is responsible for managing, overseeing, and mitigating information security risks associated with external vendors, suppliers, service providers, and contractors, in alignment with the NIS2 Directive. The role ensures that third parties comply with BELNET's security standards, meet regulatory requirements, and do not introduce unacceptable risks to business operations.
The manager will conduct risk assessments, maintain risk registers, oversee remediation plans, and collaborate with internal stakeholders to strengthen organizational resilience against cyber threats. The role also includes governance of supplier security, contract support, supply chain monitoring, and training or awareness initiatives for external partners.
Qualifications
* Bachelor's or Master's degree in Information Security, Risk Management, Law, or a related field.
* Minimum 4 years' experience in third-party risk management, cybersecurity, or compliance, ideally in regulated or governmental environments.
* Practical knowledge of the NIS2 Directive requirements.
* Familiarity with ISO/IEC 27001, particularly supplier relationship security, is strongly desired.
* Experience in supply chain security, vendor risk assessments, and contract negotiations.
* Relevant certifications (CISM, CISSP, CRISC, ISO 27001 Lead Implementer) or Third-Party Risk Management certifications are advantageous.
* Experience with public sector projects and regulatory compliance is a strong advantage.
* Excellent analytical, communication, negotiation, and stakeholder management skills.
* Strong ability to translate security requirements into contractual clauses and influence internal/external stakeholders.
Languages
* French or Dutch: Active knowledge required
* English: Nice to have
Type d'emploi : Temps plein, Freelance/Indépendant
Lieu du poste : Travail hybride (1000 Bruxelles)