Homepage Open Sollicitatie / Inschrijven

logo

Bekijk alle vacatures

Cyber Security Officer (Part-Time)

Vlaams-Brabant, Vlaams-Brabant

Cyber Security Officer

Location: Zaventem

Start Date: ASAP

Duration: 3 months with possible extensions

Work Schedule: Part-time, 3 days per week (2 days on-site)

Language Requirements: English

Key Responsibilities:

  • Technical Risk Decomposition: Identify security vulnerabilities by deconstructing complex project architectures and data flows. Utilize OWASP Risk Rating Methodology for application-level threats and ISO 27005 for systemic IT risks.

  • Cross-Functional Collaboration: Work with Architects and DevOps teams to integrate security controls without affecting delivery speed.
  • Compliance Oversight: Ensure compliance with internal security policies and regulations, including GDPR and NIS2, throughout the project lifecycle.
  • Architecture Deep-Dives: Analyze software design, including APIs and micro-services, to detect flaws as per the OWASP Top 10.
  • Third-Party Security: Conduct security reviews of external contracts and assess critical service providers.
  • On-site Stakeholder Engagement: Lead workshops with Architects and Product Owners to translate regulatory requirements into technical controls.
  • Reporting: Convert technical risks into actionable business insights for management and steering committees.

Key Performance Indicators:

  • Assessment Coverage: Analyze critical projects before production "Go-Live."

  • Remediation Rate: Address or formally accept high-risk findings.
  • Risk Prediction Reliability: Ensure no major security vulnerabilities are discovered in production that were not identified during the GRC assessment phase.
  • Turnaround Time: Minimize the duration between project intake and the finalization of the security risk report.

Skills Required:

  • Availability & Location: Commit to a 3-day work week with at least 2 days on-site.

  • Framework Mastery: Expertise in Cyber frameworks (ISO 27001/27002/27005, NIST) and the NIS2 directive.
  • Technical Risk Expertise: Proficient in applying OWASP Risk Rating Methodology and performing technical architecture reviews, particularly in Cloud/GCP environments.
  • Analytical Mindset: Ability to identify risks and find hidden gaps in technical documentation.
  • Communication: Fluent in English, capable of simplifying complex security issues for non-technical stakeholders.
  • Experience: Minimum of 5 years in Cyber Security, specifically in a GRC or Security Architecture role.

Deel deze vacature

Powered by