IT Control & Compliance Officer

Location: Brussels

Start Date: 01/12/2025

End Date: 31/12/2026

Role Description:

The IT Control & Compliance Officer will support IT and Business Units in protecting against operational risks linked to IT and Cyber Security. Responsibilities include executing ICT-related controls, establishing regular testing and review processes, and ensuring compliance monitoring and controls. The role aims to provide assurance on achieving IT, security, and continuity risk control objectives. The officer will also support the CISO in recording ICT risks in a risk register.

Responsibilities:

• Execute ICT-related controls beyond incident management, including regular testing and review processes.
• Support the CISO in recording ICT risks, including those from third-party providers and internal governance bodies, in a risk register.
• Create and follow up on action plans to mitigate risks.
• Define and set up monitoring of Key Risk Indicators (KRIs) for critical ICT functions, including third-party service providers.
• Coordinate the transposition of Group generic control plans and identify impacted assets and processes upon policy and control changes.
• Collaborate with internal stakeholders to ensure alignment and effective risk management.
• Manage local and Group reports adapted to the required audience.

Education:

Bachelor/Master or equivalent by experience.

Certifications (Preferable):

• ISO27k series
• Information Systems Security Professional (CISSP)
• CISA

Language Requirements:

• Fluent in French or Dutch (speaking and writing).
• Fluent in English (speaking and writing).

Telework Expectation:

60% on-site (Tuesday, Thursday + 1 day of choice) & 40% homeworking.

Required Knowledge/Experience:

• 3-5 years of experience in Information Security and IT process management.

Technical Experience (Mandatory):

• Designing and implementing IT generic controls.
• IT and security technology and processes.
• IT risk management and performing IT and Cyber risk assessments.
• Proficiency in Excel (pivot tables, formulas), Word, and PowerPoint.
• Knowledge of SharePoint (as a user).

Technical Skills (Preferable):

• Familiarity with cloud-based systems landscape.
• Knowledge of Service Now GRC.

Business/Functional Experience (Mandatory):

• Understanding end-to-end process flows and control needs.
• Metrics definition and dashboarding.
• Strong analytical and synthesis skills.
• Experience with KRI development and monitoring.
• Collaboration skills with different teams and external resources.
• Experience in drafting reports and memos for senior management.

Business/Functional Experience (Preferable):

• Knowledge of DORA regulatory requirements.
• Developing and implementing policies and processes in IT.
• Knowledge of cloud security and third-party risk management.

Soft Skills:

• Quick self-starter, pro-active attitude.
• Autonomy, commitment, and responsibility for tasks.
• Results and time-oriented.
• Team player.
• Ability to work in a fast-paced environment and prioritize multiple tasks and projects.