Cyber Security Consultant - Expert

Start Date: 14/04/2025

End Date: 31/12/2025

Location: Brussels

Role Description:

We are looking for an experienced Cybersecurity Consultant with expertise in DORA compliance. The role involves assessing, advising, and implementing cybersecurity and operational resilience strategies to ensure compliance with DORA and related regulations. The consultant will work closely with the IT team and report to the Head of IT.

Key Responsibilities:

• DORA Compliance Advisory: Provide expert guidance on aligning cybersecurity frameworks, IT risk management, and operational resilience strategies with DORA requirements.
• Gap Analysis & Risk Assessment: Conduct assessments to identify gaps in existing cybersecurity and ICT risk management practices.
• Policy & Framework Development: Assist in developing ICT risk management, incident reporting, third-party risk management, and business continuity frameworks.
• Incident Response & Crisis Management: Support in establishing incident reporting mechanisms aligned with DORA mandates.
• Testing & Simulation: Collaborate with third-party suppliers to ensure penetration testing, vulnerability assessments, and operational resilience testing meet regulatory standards.
• Regulatory Reporting & Documentation: Prepare compliance reports and ensure proper documentation for audits and regulatory scrutiny.

Language Requirements:

• Dutch: Preferred
• French: Preferred
• English: Fluent orally and written (mandatory)

Education and Certifications:

• Cyber Security Certification
• Relevant certifications are a plus (CISM, CISSP, CRISC, CISA, ISO 27001 Lead Implementer/Auditor, CEH).

Telework Expectation:

60% on-site (Tuesday, Thursday + 1 day of choice) & 40% homeworking

Required Experience / Knowledge:

• At least 5 years of relevant experience.
• Proven technical and hands-on experience in cybersecurity, vulnerability assessment, monitoring tools, logging tools, access management tools.
• Strong knowledge of cloud security, third-party risk management, and penetration testing methodologies.
• IT risk management or operational resilience within financial services.
• Strong knowledge of DORA and other relevant regulations such as NIS2, GDPR, EBA/ECB ICT risk guidelines, and ISO 27001/27005.
• Experience with cyber risk assessments, business continuity planning (BCP), disaster recovery (DR), and incident response.
• Familiarity with cybersecurity frameworks (NIST, CIS, ISO 27001, MITRE ATT&CK).
• Ability to engage with regulators, auditors, and senior stakeholders to explain compliance strategies.

Preferable:

• Knowledge and experience with Azure infrastructure tenant solution and setup.
• Experience with the usage of ServiceNow.
• Experience working with European financial regulators or internal audit teams on DORA-related projects.

Business Experience:

• Proven experience in developing and writing clear information security processes and procedures.
• Experience in working with third-party suppliers.
• Good communication skills - both written and orally, adapted to the audience.
• Good presentation skills to convey messages clearly and understandably.

Soft Skills:

• Team player
• Ability to work in a dynamic and multicultural environment
• Quick self-starter, proactive attitude
• Good analytical and synthesis skills
• Quality-minded with attention to detail
• Goal-oriented, able to handle project pressure and meet deadlines
• Autonomy, commitment, and perseverance