IT and Cyber Risk Manager

afarax is looking for a freelance IT and Cyber Risk Manager. We need you!

The project:

Our client in the banking sector is looking for a IT and Cyber Risk Manager to join their team.

Function description:

• You execute IT and security risk assessments in IT and business contexts (applications, business solutions, 3rd-parties organization, processes ).
• You execute information security and IT control plans on third parties to ensure that they are performing according to signed contracts.
• You coordinate and perform IT and security audits on third parties.
• You create one-pagers and synthetic risk reports for a management audience
• You set up processes and procedures for an end to end IT and security management for third-parties.
• You deliver consulting on IT and Cyber risk management to internal customers (IT and Business) :
• Proposition or validation of measures to mitigate risks.
• Creation of detailed or synthetic risk report.
• Support in increasing risk control maturity by providing a valuable follow up and reporting.
• You manage customer relationship and are the Single Point Of Contact for the risk management services you delivered.
• You contribute to definition and improvement of risk management methods and tools on the third-party management area.
• You contribute to writing processes and procedures supporting risk management activities outlined above, for both an expert and non-expert audience. Experience on linking different ISMS processes is a must.
• You are knowledgeable on CIAT topic and able to adapt to the way this is applied in the bank for third-party suppliers.
• You review IT and security contractual clauses for suppliers servicing bank activities.

Is this you?

• Fluent in Dutch, French and English
• Bachelor/Master or equivalent by experience
• (Optional) CISSP, CISM, CIPP, CCSK, ISO27001
• Professional experience in information security (5+ years)
• Experience in process design and Business analysis
• Experience in Third-party IT and security assessments
• Experience in risk management
• Experience in delivering presentations and training
• Significant experience in operational/security risks management
• Significant experience in working with cloud services (SaaS, HSP, AWS)
• Strong MS Office Skills (Excel, word, Powerpoint)
• Knowledge of software development security best practices
• Experience in release management, change management, incident management, testing
• Security certifications like CISSP, CISM, CIPP, CCSK
• Experience with RSA Archer and/or ServiceNow GRC
• Experience in vulnerability management and penetration testing
• Knowledge of control frameworks and audit methodologies
• Knowledge of Information Security and Risk Management frameworks (ISO27001, SOC, NIST, OWASP, etc.)
• Professional experience in information security (5+ years), particularly in cloud based solutions
• Strong IT background.
• Professional experience in Financial Services. used to work in large companies
• Experience in reviewing and amending IT and Cyber Third-party clauses in contracts
• Experience in banking environment

How afarax supports you?

• You benefit from our extensive network
• You will have access to projects that fit your expertise
• We help and support you throughout your project
• We offer the possibility to build a valuable and lasting partnership

Check out more projects on: