Cyber Security Analyst – Risk & Security Advisory
We are looking for a Cyber Security Analyst to strengthen our risk management team in Brussels. This role focuses on performing and communicating security risk assessments across the entire organization. You will help ensure business-critical projects and infrastructure remain secure – whether they involve cloud, networks, applications, or financial platforms.
Security is a core enabler of business resilience, and your work will directly support compliance, secure project delivery, and the protection of critical assets.
Your Responsibilities
* Lead and support security risk assessments at organizational and project level, identifying potential threats and ensuring appropriate mitigation measures.
* Act as a key member of the risk management function, advising business and IT stakeholders on security risks, best practices, and regulatory impacts.
* Actively communicate risks to both technical teams and senior management, ensuring clarity and buy-in across diverse stakeholder groups.
* Translate high-level security policies and architecture principles into practical requirements for IT and business projects (secure by design).
* Contribute to architectural reviews, validating designs against defined security requirements.
* Define test requirements for security validation and support penetration testing activities.
* Provide consultancy across different risk domains, such as cloud (IaaS/PaaS/SaaS), application security, network and infrastructure security, or financial platforms.
* Advise on improved security services, processes, and governance within the wider organization.
Your Profile
* University degree in Computer Science, Engineering, or related field.
* Proven experience in security risk assessment and the ability to translate risks into business and technical requirements.
* Familiarity with best practices in domains like identity & access management, application security, network security, or data protection.
* Background in application security (OWASP, secure coding principles, CI/CD environments, or code scanning tools) is an advantage.
* Solid understanding of at least one of the following areas:
* Cloud platforms (IaaS/PaaS/SaaS)
* Network & infrastructure security
* Financial infrastructure or regulated industries
* Application security
* You bring security expertise without being hands-on engineering – your daily role is to assess, advise, document, and communicate rather than configure systems.
* Effective communicator able to bridge the gap between technical teams and business leaders.
* Strong organizational, analytical, and problem-solving skills.
* Professional certifications such as CISSP, GIAC, SABSA, or ISO 27001 Lead Auditor/Implementer are an asset.
* Fluent in English; additional languages are a plus.