Mission Description

You work within the CSO and report to the Chief Security Officer.

The consultant contributes to defining and implementing the organization's vision and ambitions regarding cybersecurity, in close collaboration with the Information Security Manager (IT department). They update and maintain the information security policy, taking into account security risks and the organization's risk appetite.

In this context, the consultant's main objective is to obtain and maintain STIB's certification in compliance with NIS2 requirements. They act as the Project Manager NIS2.

The ideal candidate is proactive, eager to develop their skills in cybersecurity, and has a good understanding of basic technical concepts as well as an interest in organizational challenges. They must be able to communicate effectively and translate technical concepts into elements understandable for non-technical stakeholders.

Responsibilities

• Implement cybersecurity initiatives defined by the company in coordination with the IT department.
• Draft, maintain, and enforce information security policies, ensuring their alignment with the organization's risk appetite and regulatory requirements.
• Responsible for NIS2 compliance activities, with an explicit objective of STIB certification (NIS2 Essential), including defining, implementing, and monitoring action plans.
• Ensure the follow-up of the implementation of cybersecurity measures aimed at protecting data, systems, and networks.
• Collaborate with internal teams and stakeholders to integrate security requirements into existing processes.
• Serve as a point of contact for certain information security questions (outside IT scope), with the support of more senior profiles.
• Assist in making technical concepts and risks accessible to non-specialized teams.
• Contribute to the identification and assessment of information security risks.
• Participate in cybersecurity awareness actions under the guidance of the Security Business Development Manager.
• Stay informed about trends, regulations, and best practices in cybersecurity.
• Contribute to the preparation of reports and dashboards on the organization's security posture.

The candidate must have:

• Initial experience or internship in cybersecurity, information security, or IT (4 years).
• Bachelor or Master’s degree in computer science, information security, or a related field.
• Interest in security governance and information security policies.
• Initial exposure to frameworks or standards (ISO 27001, NIST CSF, CyberFundamentals, NIS2) is a plus.
• A basic certification (or in progress) such as Security+, ISO 27001 Foundation, or equivalent is an asset.
• Experience in project management.
• Good analytical skills and willingness to learn.
• Good communication skills and ability to work in a team.

Additional Information

The mission can be extended for a maximum duration (including initial duration) of: 880 working days.