Afarax is looking for a freelance Security Risk Manager. We need you!
The project:
Our client in the Transportation, Logistics, Supply Chain and Storage sector, is seeking an experienced Security Risk Manager to strengthen their team.
Your mission:
* Improve and formalise security risk management processes and procedures, ensuring they are pragmatic, scalable, and aligned with business needs.
* Conduct and support risk assessments, including identification, documentation, and evaluation of risks across IT and security domains.
* Propose and track risk responses that are proportionate and effective, ensuring mitigation plans are actionable and monitored.
* Follow up on action plans defined in the risk response to ensure timely execution and closure.
* Maintain and continuously improve the central risk register, ensuring it reflects current risk exposure and mitigation status.
* Collaborate with security architects to collect and analyse identified risks from technical assessments and project reviews.
* Act as a bridge between the CISO Office and the Enterprise Risk Management (ERM) function, ensuring alignment and consistency in risk reporting and governance.
* Lead and support awareness initiatives to promote a risk-conscious culture across the organisation.
* Contribute to the implementation and monitoring of NIS2 controls related to risk management, including reporting and documentation.
Is this you?
* 15+ years in IT/security, with 10+ years in Security Risk Management roles.
* Proven experience in IT risk management, information security, or governance roles.
* Strong understanding of risk assessment methodologies, control frameworks, and regulatory requirements (e.g. NIS2, ISO 27001, GDPR).
* Ability to design and implement risk management processes, including SOPs, workflows, and reporting mechanisms.
* Skilled in stakeholder engagement, with the ability to work across technical and business teams.
* Experience with risk registers, risk scoring models, and compliance tracking tools.
* Familiarity with enterprise governance structures and ERM integration.
Strong skills across key security domains, including:
* Network security
* Cryptography
* Identity and Access Management (IAM)
* Cloud security
* Infrastructure security
* Business continuity & backup
* Excellent communication and presentation skills, with the ability to raise awareness and influence decision-makers.
* Fluent in English; Dutch and/or French is a plus.
How afarax supports you?
* You benefit from our extensive network
* You will have access to projects that fit your expertise
* We help and support you throughout your project
* We offer the possibility to build a valuable and lasting partnership
Check out more projects on: