Governance Risk & Compliance Specialist

About us

Gramian Consulting is a boutique consultancy specializing in IT professional services and engineering talent solutions. With a strong background in software engineering and leadership, we help companies build high-performing teams by matching them with professionals who truly fit their needs. This opening is on behalf of one of our clients, and we’ll work closely with you to make the process clear and straightforward.

About Client

Our client is a European leader in cybersecurity and a global leader in data protection. With more than 40 years of experience in cybersecurity, supported by a talented cybersecurity team, the company continuously offers a wide range of customized cybersecurity solutions.

About Role

They are looking to hire an expert with strong analytical and problem-solving skills in a company that values professionals with credentials such as the Certified Information Systems Security Professional (CISSP) and the Certified Information Security Manager (CISM) to demonstrate expertise.

Responsibilities

• Assist clients in developing and implementing Information Security Policies, processes, and awareness programs to strengthen their security posture.
• Conduct maturity assessments and gap analyses based on industry standards (ISO 27001/27002, SANS CIS TOP20, NIST CSF) and regulatory requirements (e.g., GDPR, PSD2, CSSF).
• Establish and guide organizations in adopting Information Security programs and frameworks tailored to their business needs.
• Execute risk management activities at both organizational and project levels, in line with ISO 27005 and other relevant methodologies.
• Perform internal, external, and pre-certification Information Security audits, offering support to internal audit functions when needed.
• Provide expert advisory services to CISOs, Risk Officers, and Data Protection Officers on matters related to Information Security.

Location, Interview process

• The candidate must be located in Belgium
• The work is hybrid in Brussels area
• The interview process has 3 steps with a Human Resources officer, -> a Team leader, and -> a Hiring manager.

• Education and Expertise: Minimum Bachelor's degree with 3 years of experience and knowledge in performing maturity assessments and gap analysis against standards such as ISO 27001/27002, SANS CIS TOP20, NIST Cybersecurity Framework, and relevant regulatory frameworks (CSSF, GDPR, PSD2).
• Information Security Management: Ability to establish and lead Information Security programs and implement risk management processes according to ISO 27005, including conducting ad hoc risk assessments at the project level.
• Audit and Consulting Services: Experience in performing Information Security audits (internal, external, pre-certification) and providing expert support and consultation to CISOs, Risk Officers, DPOs, and Internal Auditors.

Qualifications

• Proficiency in Dutch and English are a must-have.
• At least 3 years of work experience is mandatory.
• French language skills are a plus.
• Relevant certifications in Information Security (e.g., CISSP, CISM) are preferred.
• Strong analytical and problem-solving skills.

• Opportunity for personal growth, education, and promotion to team lead
• Friendly collaborative environment
• TOIL 12
• DKV Health Insurance
• Pluxee meal vouchers
• Company car, fuel card
• Bonus