IT and Cyber Risk Manager

Posted 4 days 8 hours ago by afarax

Permanent
Not Specified
I.T. & Communications Jobs
Not Specified, Belgium
Job Description

afarax is looking for a freelance IT and Cyber Risk Manager. We need you!


The project:

Our client in the banking sector is looking for a IT and Cyber Risk Manager to join their team.


Function description:

  • You execute IT and security risk assessments in IT and business contexts (applications, business solutions, 3rd-parties organization, processes ).
  • You execute information security and IT control plans on third parties to ensure that they are performing according to signed contracts.
  • You coordinate and perform IT and security audits on third parties.
  • You create one-pagers and synthetic risk reports for a management audience
  • You set up processes and procedures for an end to end IT and security management for third-parties.
  • You deliver consulting on IT and Cyber risk management to internal customers (IT and Business) :
  • Proposition or validation of measures to mitigate risks.
  • Creation of detailed or synthetic risk report.
  • Support in increasing risk control maturity by providing a valuable follow up and reporting.
  • You manage customer relationship and are the Single Point Of Contact for the risk management services you delivered.
  • You contribute to definition and improvement of risk management methods and tools on the third-party management area.
  • You contribute to writing processes and procedures supporting risk management activities outlined above, for both an expert and non-expert audience. Experience on linking different ISMS processes is a must.
  • You are knowledgeable on CIAT topic and able to adapt to the way this is applied in the bank for third-party suppliers.
  • You review IT and security contractual clauses for suppliers servicing bank activities.


Is this you?

  • Fluent in Dutch, French and English
  • Bachelor/Master or equivalent by experience
  • (Optional) CISSP, CISM, CIPP, CCSK, ISO27001
  • Professional experience in information security (5+ years)
  • Experience in process design and Business analysis
  • Experience in Third-party IT and security assessments
  • Experience in risk management
  • Experience in delivering presentations and training
  • Significant experience in operational/security risks management
  • Significant experience in working with cloud services (SaaS, HSP, AWS)
  • Strong MS Office Skills (Excel, word, Powerpoint)
  • Knowledge of software development security best practices
  • Experience in release management, change management, incident management, testing
  • Security certifications like CISSP, CISM, CIPP, CCSK
  • Experience with RSA Archer and/or ServiceNow GRC
  • Experience in vulnerability management and penetration testing
  • Knowledge of control frameworks and audit methodologies
  • Knowledge of Information Security and Risk Management frameworks (ISO27001, SOC, NIST, OWASP, etc.)
  • Professional experience in information security (5+ years), particularly in cloud based solutions
  • Strong IT background.
  • Professional experience in Financial Services. used to work in large companies
  • Experience in reviewing and amending IT and Cyber Third-party clauses in contracts
  • Experience in banking environment


How afarax supports you?

  • You benefit from our extensive network
  • You will have access to projects that fit your expertise
  • We help and support you throughout your project
  • We offer the possibility to build a valuable and lasting partnership

Check out more projects on: