Cyber Security Officer

Location: Zaventem
Start Date: ASAP
Duration: 3 months with possible extensions
Work Schedule: Part-time, 3 days per week (2 days on-site)
Language Requirements: English

Key Responsibilities:

- Technical Risk Decomposition: Identify security vulnerabilities by deconstructing complex project architectures and data flows. Utilize OWASP Risk Rating Methodology for application-level threats and ISO 27005 for systemic IT risks.
- Cross-Functional Collaboration: Work with Architects and DevOps teams to integrate security controls without affecting delivery speed.
- Compliance Oversight: Ensure compliance with internal security policies and regulations, including GDPR and NIS2, throughout the project lifecycle.
- Architecture Deep-Dives: Analyze software design, including APIs and micro‑services, to detect flaws as per the OWASP Top 10.
- Third‑Party Security: Conduct security reviews of external contracts and assess critical service providers.
- On‑site Stakeholder Engagement: Lead workshops with Architects and Product Owners to translate regulatory requirements into technical controls.
- Reporting: Convert technical risks into actionable business insights for management and steering committees.

Key Performance Indicators:

- Assessment Coverage: Analyze critical projects before production "Go-Live."
- Remediation Rate: Address or formally accept high‑risk findings.
- Risk Prediction Reliability: Ensure no major security vulnerabilities are discovered in production that were not identified during the GRC assessment phase.
- Turnaround Time: Minimize the duration between project intake and the finalization of the security risk report.

Skills Required:

- Availability & Location: Commit to a 3‑day work week with at least 2 days on-site.
- Framework Mastery: Expertise in Cyber frameworks (ISO 27001/27002/27005, NIST) and the NIS2 directive.
- Technical Risk Expertise: Proficient in applying OWASP Risk Rating Methodology and performing technical architecture reviews, particularly in Cloud/GCP environments.
- Analytical Mindset: Ability to identify risks and find hidden gaps in technical documentation.
- Communication: Fluent in English, capable of simplifying complex security issues for non‑technical stakeholders.
- Experience: Minimum of 5 years in Cyber Security, specifically in a GRC or Security Architecture role.