Context

The Federal Public Service Foreign Affairs, Foreign Trade and Development Cooperation is at the center of Belgium’s international policy. The main lines of Belgian foreign policy are drawn here, and our country’s positions, both at the national and international level, are defended here. Through active diplomacy, our organization defends the interests of Belgium and our fellow citizens around the world. In this way, we contribute to a safe, just, and sustainable world, based on shared values, human rights, and international rules.

Employees of the FPS do not only work from headquarters in Brussels, but also from around 120 posts (embassies and consulates). This makes our organization unique, and employees can take on many diverse and exciting challenges.

In this context, the Directorate for Information Technology (ICT) and Communication is responsible for everything related to IT and telecommunication support of the organization for the realization of the missions of the FPS Foreign Affairs, Foreign Trade and Development Cooperation, including infrastructure, software, and IT security. It is a dynamic and innovative environment that takes on challenges to offer modern and secure applications and support to our internal services and our citizens.

Vulnerability management is the cornerstone of an effective cybersecurity strategy, as it proactively identifies vulnerabilities in IT systems that can be exploited to compromise our IT services and sensitive data. The vulnerability management lead works closely with our CSOC and our operational teams to ensure that necessary software and hardware updates are properly classified, prioritized, and scheduled to close the “window of opportunity” for any attacker.

Tasks and responsibilities:

• Define the scope of vulnerability analysis for all infrastructure layers of the organization, in agreement with asset owners and our security managers.

• Administer vulnerability scanning tools.

• Plan and execute scheduled vulnerability scans in collaboration with asset owners and operational support teams.

• Assess, score, and perform risk analyses on assets, prioritizing discovered vulnerabilities in close collaboration with our CSOC.

• Agree on a remediation (patching) schedule with system engineers and asset owners.

• Provide vulnerability analysis and produce reports for management and system responsible staff.