General:

You work at the Cyber Command of Defense in the classified systems accreditation department. You are in contact with the Information System Security Representatives (ISSR) of various classified systems. Based on the Defense framework, which is inspired by an ISO27001 certification while integrating NATO and EU regulations, the ISSRs produce the necessary documents for the accreditation of the systems for which they are responsible (Concept of Use, Risk Analysis, Security Operating Procedures…).

As lead auditor, you are the single point of contact for the ISSR. You perform qualitative and quantitative checks of the provided documentation. You coordinate with specialized technical units (Software & configuration, TEMPEST, Crypto…) for the execution of technical tests to validate the solutions implemented.

In addition to your role as controller, you are also a resource person for the ISSR, a coach helping them achieve security objectives in compliance with the Law of December 11, 1998, regarding classification and security clearances, certificates, and opinions, in order to ensure the operational capability of Defense weapon systems.

You are ready to work in a military environment and are willing to share and transfer your knowledge to your colleagues in order to anchor this expertise within Defense and to consider ways to further develop this capability to better support clients in the future.

Details:

• At least 5 years of experience in security audit, either as an auditor or as an information security manager: CISO, ISSR, (Information) Security Officer, Compliance Officer…
• You have Belgian nationality and already possess a valid TRES SECRET level security clearance.
• Solid knowledge of information systems security and risk analysis frameworks (ISO27001, eBIOS, NIST, Information Systems Auditor, Information Security Officer, Data Privacy Officer…).
• You possess strong analytical skills, excellent communication skills, and a client-oriented mindset.
• You are capable of analyzing security documents. You can understand technical reports produced by specialists in order to discuss the contents with the ISSR.
• You have work experience in the field of information systems security. You are proficient in risk analysis techniques and are able to formulate recommendations and advise the accreditation authority in its decision-making process.
• You are able to communicate fluently, clearly, and effectively with stakeholders, to understand their needs, and to manage their expectations.
• You are comfortable in evolving environments and capable of learning quickly, both regarding tools and techniques and methods.
• You can collaborate effectively within a multilingual team, facilitate discussions, and encourage cooperation to achieve objectives. You work closely with others to deliver the expected results.

For supporting the accreditation capability of Defense’s classified systems. Works within the accreditation team and follows important files (MQ-9B, F-35…). The number of people with a TRES SECRET security clearance and Belgian nationality is very limited. However, this clearance is an absolute prerequisite to be authorized to perform the mission.