Senior Cyber Security & Risk Project Manager – Confidential Assignment
We are seeking a Senior Cyber Security & Risk Project Manager for a long-term assignment within a highly regulated financial environment in Belgium. The role is part of a strategic cyber security and risk management initiative and will operate in a hybrid setup (Brussels / remote).
Key Responsibilities
* Lead delivery of cyber security and risk management projects from initiation to audit closure
* Maintain project governance artefacts (roadmaps, risk registers, issue logs, reporting dashboards)
* Drive GRC activities including risk assessments, control mapping, and third-party risk inputs
* Coordinate internal and external audits and ensure audit-ready documentation
* Ensure alignment with ISO 27001, NIST, and CIS frameworks
* Act as key liaison between security, IT, audit, architecture, and business stakeholders
* Support process optimisation and reporting automation
* Manage remediation tracking and compliance follow-up
Profile Requirements
* Senior experience in Cyber Security Project or Program Management
* Strong background in Risk Management and GRC
* Experience in regulated environments (financial services, public sector, or EU institutions preferred)
* Proven experience with audit coordination (ISAE, ISO audits, SWIFT CSP, etc.)
* Knowledge of ISO 27001, NIST, and CIS frameworks
* Strong stakeholder management at senior (CISO/IT/audit/business) level
* Ability to lead cross-functional teams without formal authority
* Structured, delivery-focused, and analytically strong mindset
Engagement Type
* Freelance or employment via staffing/detachment model
* Long-term assignment (12 months + extension option)
* Hybrid working (approx. 50% onsite Brussels)
Screening Questions
* Describe a cyber security or risk management programme you have managed end-to-end. What were the main risks and how did you mitigate them?
* Explain your experience implementing or operating a GRC solution. What data, processes, and stakeholders were involved?
* Can you provide an example of how you coordinated internal or external security audits (e.g. SWIFT CSP, ISO 27001, ISAE)? How did you manage findings and remediation actions?
* Give an example of a situation where you had to coordinate multiple stakeholders with conflicting priorities in a security context. How did you align them?
* How do you ensure delivery within budget and timelines in complex cyber security or risk management environments?