Voorstelling bedrijf Bekijk de andere vacatures

afarax - Third-party Cyber Security Risk Assessor


  • The Governance, Risk and Compliance team of our client supports IT and Business Units to develop adequate solutions on operational risk management practices, focusing but not restricted to Information Security.
  • Their main missions are:
    • Identify operational information risks on assets/applications, projects and 3rd - parties.
    • Advice, consult, monitor and report on risk treatment in order to reduce the overall risk exposure of IT and Business at an optimized cost.
    • Elaborate and manage the implementation of a flexible strategy to reduce Information Security risks in accordance to the Information Security policies of the client.


Function Description

  • In the context of the compliance with the GDPR, GS GRC team is looking for a Third-party Cyber Security assessor to ensure the right security measures are applied by our Third-parties to adequately protect the client data.
  • To achieve this goal:
    • you execute security risk assessments on 3 rd -parties organization, providing services to IT or Business Lines.
    • you maintain the identified risks in the risk registry database - you ensure that information security requirements are included in third parties contracts.
    • you deliver consulting on risk management to internal customers (IT and Business) :
    • Proposition or validation of measures to mitigate risks.
    • Creation of detailed or synthetic risk report, structured and formulated in line with the client and Information Security Risk Management best practices.
    • Support in increasing risk control maturity by providing a valuable follow up and reporting. - you report risks and overall risk posture to Information Security, IT or Business Management
    • Correlate risks across a portfolio of projects or activities; identify and propose transversal risk mitigating actions.
    • Create risk dashboards and reports for a management audience.
    • Create one-pagers and synthetic risk reports for a management audience.
    • You manage customer relationship, and are the Single Point Of Contact for the risk management services you delivered. You customize services to meet customer needs or expectations while ensuring compliance with risk management methodologies and guidelines.
    • You support our Procurement department in the relationship they maintain with the Third-parties.



  • Languages: Fluent : French / Dutch / English  
  • Experience:
    • Professional experience in information security (5+ years)
    • Experience in Third-party security assessments
    • Experience in delivering presentations and training
  • Business Experience:
    • Knowledge of Information Security and Risk Management frameworks
    • Professional experience in information security (5+ years)
    • Strong IT background.
    • Protection laws like GDPR
    • Knowledge of control frameworks and Professional experience in Financial Services.
  • Technical Experience:
    • 2-year experience in security technology and processes Metrics definition and Dashboarding
    • Significant experience in operational/security risk management
    • Knowledge of Data audit methodologies.
  • Soft skills:
    • Quick self-starter, pro-active attitude. 
    • Excellent English writing skills. 
    • Good communication and influencing skills.
    • Good analytical and synthesis skills, ability to produce structured and concise documents.
    • Autonomy, commitment and perseverance in personal organization.
    • Ability to work in a dynamic and multi-cultural environment.
    • Accurate & control minded, but flexible.
    • Ability to capture and adapt to stakeholder expectations. 
    • Results-oriented.
    • Team player.
    • High performer
    • Ability to train other staff and bank internal customers
  • Security certifications like CISSP, CISM, CIPP, CCSK. is a plus as an experience in Cloud services and a knowledge of software development security best practices.

Beschrijving bedrijf

afarax is proud to be a Belgian company since 2010 with a head office in Brussels. We provide consulting & Recruitment services for local and international companies with a clear focus on ethic & Quality.
Our people are our greatest asset! They make our clients happy... With 15 years of combined experiences in the field of consulting we connect people with the right expertise.

Toon volledige beschrijving
Gelijkaardige vacatures
Gelijksoortige vacatures gebaseerd op de criteria : Security Engineer Risk & Compliance Manager
Mijn account Nog niet ingeschreven?