Ref: #67288

GRC Consultant

Job Title: GRC Consultant

Location: Zaventem, Belgium

Work Setting: Hybrid

 

About Us

We are committed to ensuring security and privacy. Supported by a skilled cybersecurity team, we provide a wide range of tailored solutions to meet your security needs. From consulting services to 24/7 monitoring through our C-SOC cybersecurity platform, we offer rapid incident response and comprehensive “security as a service.”

 

Key Responsibilities

 

Enablement Practice

  • Assist clients in implementing Governance, Risk, and Compliance (GRC) frameworks, including Information Security Policies and Procedures, to mitigate potential risks.
  • Deliver GRC and Information Security Awareness training to enhance client knowledge and preparedness.

 

Assurance Practice

  • Conduct maturity assessments and gap analyses based on established standards such as ISO 27001/27002, SANS CIS TOP 20, NIST Cybersecurity Framework, as well as legal and regulatory requirements (CSSF, GDPR, PSD2), or an organization's own GRC policies.
  • Develop and establish a GRC program, guiding clients toward a defined and structured Information Security framework.
  • Perform all aspects of the Information Security Risk Management process as outlined by ISO 27005 at the organizational level.
  • Carry out risk assessments at the project level on an ad hoc basis.
  • Provide customized GRC services tailored to client needs.
  • Offer expert advice and support to CISOs, Risk Officers, and DPOs on GRC-related matters.

 

Audit Practice

  • Conduct internal and external GRC audits, as well as pre-certification audits, in line with established standards (ISO 27001/27002, SANS CIS TOP 20, NIST Cybersecurity Framework), legal/regulatory frameworks (CSSF, GDPR, PSD2), or an organization's Information Security Policy.
  • Collaborate with Internal Auditors, providing expertise and guidance on GRC and Information Security matters.

 

Qualifications

  • Proficiency in both Dutch and French is required.
  • A minimum of 3 years of relevant work experience in GRC or Information Security.
  • English language proficiency is considered a plus.
  • Relevant certifications in GRC or Information Security (e.g., CISSP, CISM) are highly desirable.
  • Strong analytical and problem-solving abilities.

 

For more information and to apply, send your up-to-date CV to me at jude.russell@next-ventures.com
