IT Risk Officer
Posted on May 4, 2020 by Gazelle Global Consulting
IT Risk Officer | Anderlecht, Brussels | Minimum 6 months contract | Excellent hourly rate
The IT Risk Officer will join the Risk & ITSCM team within our client's CISO organisation (Cyber and Information Security Office).
The IT Risk Officer is responsible for guarding the vision, the development of strategy and the implementation of the Information Security Risk and IT Risk Management programme within our client's organisation.
You identify, analyse and report information security risks for different Business Units.
You provide Information Security requirements for IT projects. You will follow up on the implementation status of agreed controls.
You identify, analyse and report on the internal IT risks, and take care of the follow-up. You maintain the risk register and take care of the management reporting.
You participate in the implementation of an ISMS. You define risk policies, standards, procedures and guidelines. You take care of their communication and awareness among the respective audiences. You follow up and report on their implementation and status.
The influence of the IT Risk Officer extends across the entire enterprise.
The Risk Officer reports to the Risk & Service Continuity Manager within the CISO organisation.
Information Risk Management
* Setting up and maintaining an Information Risk Management framework, based on the ISF IRAM methodology.
* Defining, organizing and applying "information risk analysis", "treatment" and "monitoring" processes.
* Incorporation of information risk management processes in the existing business and IT processes.
* Setting up and maintaining an information risk registry.
* Active execution, monitoring and adjusting of information risk analysis (Business Impact Assessments, Threat & Vulnerability Assessments)
* Guiding business about their availability requirements versus disaster recovery capabilities, in cooperation with the Service Continuity Officers.
* Aligning risk assessments and controls with the Data Protection Officers.
IT Risk Management
* Setting up and maintaining an IT risk management framework, based on ISO 31000, COBITv5 and the NMBS Enterprise Risk Management framework.
* Defining, organizing and applying IT risk analysis, treatment and monitoring processes.
* Incorporation of these IT risk management processes in the existing business and IT processes.
* Active execution, monitoring and adjusting IT risk analyses.
* Setting up and maintaining an IT risk register.
* Setting up and maintaining relationships and acting as a point of contact with (internal) audit and other risk departments.
In both of these domains, you will work closely with IT PMO to align with existing IT processes, with IT project managers and operational managers to identify or mitigate risks, with the Data Protection Officers to guard privacy, with IT Compliance Officers, with the CyberSecurity team, and with IT Service Continuity Officers to align on risks and BIAs.
* Bachelor's degree or equivalent experience
* 3 to 10 years of relevant experience in risk management and/or information security
* Knowledge of ISO2700x, ISO31000, COBIT5, ITIL
* Experience in assessing and managing IT and/or Information Risk
* Broad knowledge of IT processes and technology
* Knowledge of security architectures and controls
* Knowledge of ISF IRAM is a plus
* Experience in managing and overseeing security in third-party service providers.
* Certifications: CISSP, CISM, CISA or CRISC is a plus
* Problem analysis and conflict management
* Customer focus and ability to act in an organisation-sensitive way
* Record of responsibility
* Spoken and written fluency in English, and Dutch or French
* Passive understanding of Dutch and French
- Conflict management
- Knowledge of ISO2700x, ISO31000, COBIT5, ITIL
- Knowledge of security architectures and controls
- Problem analysis
- Risk management and/or information security
- English, French or Dutch
Shortlisting immediately, phone interview today.
This role is suitable for an IT Risk Officer (English, French or Dutch-speaking) in Anderlecht, Brussels, who is looking to work in a funny and professional team within a successful multinational company.
If you are thinking about what to do next, apply now and attach your CV and we will be in touch as soon as possible.