Security / Cybersecurity Expert (ISO 27001 – NIS2)

Location: Brussels, 2 days in the office

Language Requirements: English is mandatory; French or Dutch are an asset but not required.

Team Composition: Join a new team of 5 colleagues.

Project Duration: Aligned with the ISO 27001 certification roadmap and ongoing security maturity objectives.

Seniority Level: Medior - Senior (7-10 years of experience)

Role Type: Contractor

Responsibilities:

• Support the design, implementation, and continuous improvement of the Information Security Management System (ISMS) in line with ISO 27001 and NIS2 requirements.
• Ensure effective implementation of organizational, operational, and technical security measures.
• Coordinate security governance and operational security practices.
• Oversee and follow up on key security capability initiatives, such as technical implementation projects and operational process definition & roll-out (e.g., SIEM, SOC, backup/restore, DR/BCP).
• Contribute to audit readiness and certification processes.

Key Activities:

Governance & ISMS Management

• Develop, review, and maintain security policies, standards, guidelines, and operational security procedures.
• Conduct and maintain risk assessments, risk treatment plans, and asset inventory.
• Ensure documentation and evidence collection aligned with ISO 27001 requirements.
• Prepare and support internal and external audits.

Organizational & Operational Security

• Define and formalize security roles and responsibilities.
• Implement and improve access management, incident response, vulnerability management, and supplier security management processes.
• Support awareness and training initiatives.

Technical Security Oversight

• Provide expert guidance for technical security implementations, including backup & restore, SIEM platform deployment, SOC setup, vulnerability scanning, and DR/BCP framework implementation.
• Validate security architecture choices and ensure traceability to risk treatment plans.

Security Capability Development

• Define and enhance security monitoring capabilities and threat detection processes.
• Establish KPIs and reporting mechanisms for security performance.

Expected Deliverables:

• Documented operational procedures
• Oversight reports for technical security projects
• Risk assessment and treatment documentation
• Audit preparation material
• Security roadmap and maturity improvement plan
• Governance reporting dashboards
• ISO 27001-compliant ISMS documentation

Profile Requirements:

• 7-10 years of experience in cybersecurity and information security management.
• Proven experience in ISO 27001 implementation and certification support.
• Experience in telecom or highly regulated environments is a strong asset.
• Experience working in multi-stakeholder environments.

Technical & Functional Competencies:

• Strong knowledge of ISO 27001, ISO 27002 controls, NIS2 framework, risk management methodologies, and security governance frameworks.
• Ability to bridge governance and technical implementation.
• Strong documentation and structuring skills.
• Audit experience (internal or external).

Soft Skills:

• Autonomous and structured.
• Strong stakeholder management capabilities.
• Ability to work at strategic and operational levels.
• Clear communicator for both technical and executive audiences.
• Pragmatic and solution-oriented.

Reporting & Collaboration:

• Reports to management.
• Works closely with technical and operational teams, security teams, and external auditors and certification bodies.