Risk & Control Management Expert

Location: Brussel-Hoofdstad
Job Type: Contract
Specialisation: Information Technology
Salary: Negotiable
Reference: BBBH15796_1740582888
Contact: Dhruv Padheriya
Job Title: IT Risk & Security Controls Manager

Location: Belgium or UK (UK-based candidates must be via an accredited umbrella company and must be on-site in Belgium at least 4 days per month)

Division: CISO (Cyber Information Security Office)

Overview:
Our client in the Financial Sector places a strong emphasis on IT Risk Management and Security, integrating these aspects deeply into management systems and processes. Within the Cyber Information Security Office Division, the Regulatory Watch, Policies, and Controls team is responsible for defining and implementing the policy and control framework to address key IT and Security risks while ensuring compliance with relevant regulations and external requirements applicable to the Technology organization.

Role Summary:
As an IT Risk & Security Controls Manager, you will be responsible for managing the control framework, covering critical IT and security domains such as Identity & Access Management, Vulnerability Management, Security Monitoring, Incident Management, and Platform, Network, and Application Security.

The control framework aligns with industry standards, including IT COBIT, ISO 27001/2, and CIS, and is being implemented in the ServiceNow GRC platform. You will contribute to defining, implementing, and managing controls through their lifecycle, ensuring continuous monitoring and improvement.

Key Responsibilities:

Design and implement effective controls to address key risks and regulatory requirements across security domains.

Promote and enforce a strong risk culture and enhance control maturity within the IT organization.

Collaborate with process owners, control owners, and performers across IT divisions and locations.

Engage with second and third lines of defense, including Risk Management and Internal Audit.

Ensure controls transition smoothly into live operation, supporting continuous improvement.

Provide subject matter expertise (SME) on IT and Security Risk transformation initiatives.

Qualifications & Experience:

Master's degree in a relevant field (e.g., Computer Science, Engineering, Cybersecurity) or equivalent experience.

Minimum of 7 years of experience in risk and control environments, particularly in designing and implementing controls in large, multi-platform IT environments.

Strong knowledge of Information Security Management Systems and Technology Domains.

Relevant security certifications (CISSP, CISM, GIAC) are highly preferred.

Experience with ServiceNow GRC or similar governance, risk, and compliance solutions is a strong asset.

Excellent proficiency in English (spoken, written, and presentation skills).

Soft Skills:

Strong risk and control mindset with attention to detail and a high-quality work approach.

Effective communicator, able to coordinate and collaborate with diverse teams and management levels.

Strong relationship-building and diplomacy skills.

Self-motivated and proactive, capable of handling challenging priorities.

Ability to challenge and influence IT and Security stakeholders constructively.

Proven expertise in risk and security controls, with the ability to share knowledge and mentor team members.

Application Guidelines:

Do not contact the Hiring Manager directly. Non-compliance will result in candidate rejection.

Only candidates based in Belgium or the UK will be considered.

Maximum of three CVs per submission. Failure to adhere to this limit will result in candidate rejection.

Join our client's Financial Sector organization and play a key role in strengthening their IT security posture through effective risk and control management.