Dieses Jobangebot ist archiviert und steht nicht mehr zur Verfügung.
Vakante Jobangebote finden Sie unter Projekte.

Third-Party Cyber Security Risk Assessor

Eingestellt von Base 3

Gesuchte Skills: Design, Support

Projektbeschreibung

ROLE:

- you execute security risk assessments in IT and business, scoping projects or Legacy assets (applications, business solutions, 3rd-parties organization, processes ). Maintenance of identified risks in the risk registry database - you ensure that information security requirements are included in third parties contracts.
- you execute the information security control plan on third parties to ensure that they are performing accordingly with the contract.
- you coordinate and perform security audits on third parties.
- you setup processes and procedures for an end to end security management for assets.
- you deliver consulting on risk management to internal customers (IT and Business):
- Proposition or validation of measures to mitigate risks.
- Creation of detailed or synthetic risk report, structured and formulated in line with the Group and Information Security Risk Management best practices.
- Support in increasing risk control maturity by providing a valuable follow up and reporting.
- you report risks and overall risk posture to Information Security, IT or Business Management
- Correlate risks across a portfolio of projects or activities; identify and propose transversal risk mitigating actions.
- Create risk dashboards and reports for a management audience.
- Create one-pagers and synthetic risk reports for a management audience.
- you manage customer relationship, and are the Single Point Of Contact for the risk management services you delivered.
- You customize services to meet customer needs or expectations while ensuring compliance with risk management methodologies and guidelines.
- you contribute to definition and improvement of risk management methods and tools supporting those activities (risk identification guide, risk evaluation Matrix, industrialization of risk monitoring and reporting framework and deliverables) taking into account your field experience as well as best practices coming from the Group or other sources like regulators, Basel II, CobIT, ISO27000/31000 ...
- you contribute to writing processes and procedures supporting risk management activities outlined above, for both an expert and non-expert audience.

PROFILE:

Education:

- Bachelor/Master

Languages:

- French: fluent
- Dtuch: fluent
- ENGLISH: FLUENT (MANDATORY)

Experience:

- Professional experience in information security (5+ years)
- Experience in process design and improvement
- Experience in Third-party security assessments
- Experience in delivering presentations and training
- KNOWLEDGE OF INFORMATION SECURITY AND RISK MANAGEMENT FRAMEWORKS (MANDATORY)
- PROFESSIONAL EXPERIENCE IN INFORMATION SECURITY (5+ YEARS) (MANDATORY)
- STRONG IT BACKGROUND (MANDATORY)
- PROFESSIONAL EXPERIENCE IN FINANCIAL SERVICES (MANDATORY)
- 2-YEAR EXPERIENCE IN SECURITY TECHNOLOGY AND PROCESSES (MANDATORY)
- METRICS DEFINITION AND DASHBOARDING (MANDATORY)
- SIGNIFICANT EXPERIENCE IN OPERATIONAL/SECURITY RISK MANAGEMENT (MANDATORY)
- KNOWLEDGE OF DATA PROTECTION LAWS LIKE GDPR (MANDATORY)
- KNOWLEDGE OF CONTROL FRAMEWORKS AND AUDIT METHODOLOGIES (MANDATORY)
- Security certifications like CISSP, CISM, CIPP, CCSK.
- Experience in working with cloud services
- Knowledge of software development security best practices

Soft skills:

- Quick self-starter, pro-active attitude.
- Excellent English writing skills.
- Good communication and influencing skills.
- Good analytical and synthesis skills, ability to produce structured and concise documents.
- Autonomy, commitment and perseverance in personal organization.
- Ability to work in a dynamic and multi-cultural environment.
- Accurate & control minded, but flexible.
- Ability to capture and adapt to stakeholder expectations.
- Results-oriented.
- Team player.
- High performer
- Ability to train other staff and bank internal customers

Projektdetails

  • Einsatzort:

    Brussel, Belgien

  • Projektbeginn:

    asap

  • Projektdauer:

    6 months+

  • Vertragsart:

    Contract

  • Berufserfahrung:

    Keine Angabe

Geforderte Qualifikationen

Base 3