ICT Cyber Security Norms and Compliance Expert
Hiring Process
Time to Answer
2 open days
Process
1 Phone Call
1 Onsite Interview
Days to get an Offer
4 Days after Interview
Overview
ICT Cyber Security Norms and Compliance Expert with 5+ years in Information Security and IT process controls management. Certified (CISA, CISM, CISSP, ISO 27001). Skilled in audit techniques, NIST, PCI DSS, EU and Belgium regulations, team collaboration, metrics, dashboarding, project management, and GRC tools (RSA Archer, SNOW).
Job Responsibilities
- Ensure
the understanding of the company's IT Governance and Cyber Security and Risk
Normative Framework: procedures, requirements, guides, standards
- Analyse if the wording of the Group Normative framework is clear
- Maintain the declination of the Group Cyber Security Normative framework within the company
- Analyse if the Group Normative framework updates do not trigger any implementations issues
- Enhance the company's Cyber Security Normative Framework by adding additional requirements (or procedures) to ensure alignment and compliance with local laws, regulations, and/or contractual requirements
- Maintain a traceable inventory of changes related to updates in Cyber Security Normative framework
- Report a multidimensional compliance view: towards Group, towards Local law, towards PCI DSS
- Report to senior management and to stakeholders (including the Internal Audit) the results of deployment of Cyber Security Normative framework
- Contribute to creating/ updating processes and procedures regarding Cyber Security
-
Reporting
to the Senior management regarding the implementation status or compliance with
laws and regulations
Must Have Skills
- Master's degree in IT, science, or engineering, with a strong ICT control background or equivalent proven experience/skills in the field; or an audit certification in ICT Audit/ICT controls
- At least 5 years of experience in Information Security and in IT process controls management
-
Formal
ICT Security certification or equivalent (CISA, CISM CISSP, ISO 27001 lead
auditor/implementer)
- Proven skills and experience in Information Security
-
Knowledge
of Audit and diagnostic techniques and procedures
- Excellent knowledge in Information Security Standards (NIST, PCI DSS)
- Knowledge of EU and Belgium regulations in security area
- Strong skills in coordinating and collaborating with cross-functional teams and external resources
- Experience in Metrics definition and dashboarding
-
Project management and coordination skills
- Knowledge of GRC Tools such as RSA Archer, SNOW
-
Knowledge
of regulations such a Chaps, CIS
-
Knowledge
of Agile Methodology
- Good knowledge of Excel (pivot tables, formulas) and Word, PPT
- Knowledge of SharePoint
- Ability to understand end-to-end ICT process flows and stakeholders (IT and business)
- Ability to explain (communicate) with the business stakeholders regarding the Cyber security normative framework
-
Experience
in Reports and Memo drafting, reports, presentations addressed to senior
management
- Ability to challenge stakeholders
- Fluent proficiency in both spoken and written French and English is mandatory
-
Good proficiency in both spoken and written Dutch
Nice to have
- Experience
in banking environment
- Ability to analyse complex information and propose practical recommendations in a meaningful way
- Ability to produce structured and concise documents
- Excellent interpersonal skills and the ability to build good working relationships in sensitive contexts
- Ability to work in a dynamic and multi-cultural environment
- Pro-active attitude
- Strong planning and organisational skills
-
Problem
solving skills
What's great in the job?
- Great team of smart people, in a friendly and open culture
- No dumb managers, no stupid tools to use, no rigid working hours
- No waste of time in enterprise processes, real responsibilities and autonomy
- Expand your knowledge of various business industries
- Create content that will help our users on a daily basis
- Real responsibilities and challenges in a fast evolving company
Work at yechte
We are an independent digital consultancy with ambitious goals and a global presence. We support a diverse range of companies, building digital teams and delivering innovative digital solutions. Our multicultural and diverse workforce, comprised of ‘Global Citizens’, reflects this inclusivity.
We care about work-life balance and meeting the expectation of a growing team, investing in people because they are our greatest asset. Our consistent growth is a testament to this commitment.
Come work at yechte, a company on the rise, offering excellent benefits, opportunities for personal development, and the chance to learn from accomplished leaders. We are always looking for exceptional professionals to join our team.
What We Offer
Each employee has a chance to see the impact of his work. You work on real digital projects and make tangible contributions to the company. We want to provide to each individual personal, professional and social growth.
Attractive Benefits
We care about your comfort. At yechte we offer cost-effective and eco-friendly mobility plans, food allowances, and comprehensive healthcare support, enhancing employee satisfaction.
Personal Development
We care about your growth. At yechte we offer to boost your personal growth through tailored IT trainings and certifications, fostering a culture of agility and tech-driven expertise.
Flexibility
We care about your wellbeing. At yechte we offer flexi-hours and hybrid home/office work arrangements, enhancing employee work-life balance and productivity.
