Our client, a major financial institution, is looking for a Dynamic Information Risk Manager to join the IT Security team to help protect the organization by identifying, assessing, managing, and reporting security risks. This position focuses on Application Security (including SSDLC, SAST, DAST, SCA) and Secure Configuration/Hardening, from a second line of defense (risk oversight) perspective.
As an Information Security Risk Advisor, you will:
* Identify, assess, analyze, and monitor potential security risks to ensure business continuity and protect organizational integrity.
* Develop and maintain security policies within your domain, covering both internal and external threats.
* Oversee risk management processes to ensure compliance with internal policies, standards, and regulatory requirements.
* Evaluate the effectiveness of existing controls, identify gaps, and recommend improvements.
* Advise internal stakeholders (1st line business units and agent network) and management on the implementation of effective risk mitigation strategies.
* Analyze security incidents, ensure proper follow-up, and contribute to structural improvements.
* Monitor emerging threats, trends, and vulnerabilities and assess their impact on the organization.
* Document and report risks, findings, and mitigation plans; escalate unaddressed or unacceptable risks.
* Prepare and deliver risk reports for internal management and regulatory bodies.
* Promote a strong security culture by raising awareness through training, advice, and workshops.
* Lead and participate in security-related projects, including planning resources, timelines, and budgets.
* Propose enhancements to the security policy and foster a culture of risk awareness across the bank.
Requirements
* A Bachelor’s or Master’s degree in a relevant field and preferably at least 5 years of experience in information security or risk management.
* Strong knowledge of application security and hardening standards.
* Analytical mindset with the ability to challenge and evaluate technical implementations.
* Skilled in providing clear, audience-tailored, and constructive feedback.
* Strong communication and influencing skills; capable of convincing stakeholders of risk priorities and required actions.
* Fluent in Dutch or French with a solid understanding of the other national languages; professional proficiency in English.
* A team player who enjoys working in multidisciplinary environments; independent, proactive, and enthusiastic.
* Certifications such as CISSP, CISM, CISA, CCOE (or equivalent) are considered a strong asset.
Benefits
* A dynamic and supportive work environment with offices in Anderlecht and Berchem.
* Opportunities for continuous learning and development through extensive training—technical, regulatory, language, and personal development.
* A healthy work-life balance, including flexible hours and the possibility to work from home.
* A competitive salary package with attractive fringe benefits: meal and eco vouchers, comprehensive insurance coverage, and a flexible cafeteria plan to tailor your benefits.
* A permanent contract and the opportunity to grow in a future-oriented, security-conscious organization.