Information Security Officer

Publicatiedatum: 22 augustus 2024
- Brussels
- Contract open-end

In the rapidly evolving digital era, the necessity for an Information Security Officer (ISO) is paramount due to the increasing complexity of IT environments and the surge in sophisticated cybersecurity threats. Organizations rely on ISOs not only to safeguard sensitive data against breaches and ensure compliance with new regulatory standards such as NIS and CRA but also to lead the development of robust risk management frameworks. By fostering a culture of security risk awareness, ISOs play a critical role in enabling organizations to navigate the challenges of modern cybersecurity landscapes while maintaining trust and integrity in their operations.

As an an experienced Information Security Officer; you will join the IT team and help Luminus to manage information security risks. As our Information Security Officer, you will be responsible for developing and maintaining our IT security policies, standards and controls. You will be responsible for conducting risk assessments and other governance, risk & compliance (GRC) activities such as IT vendor risk management, security control testing and organizing compliance assessments. Next to this you will be involved in projects such as an ISMS implementation and a NIS compliance project.

**Your daily job**
- You create and maintain IT risks, IT controls, threats, and vulnerabilities
- You define test procedures to guide the testers during the IT control assessments
- You setup, send out and approve the test results of the IT compliance assessment
- You setup, send out and approve of the IT control assessment
- You setup, send out and approve the results of IT risk assessments
- You manage findings
- You report test results and status of open actions to stakeholders and to the business
- You develop & maintain information Security policies, processes, procedures, standards and guidelines
- You establish and maintain strong working relationships with the departments involved with information security (Procurement, IT/OT, Legal, Human Resources)
- You are responsible for the implementation of improvements to the effectiveness of the Information Security Program and its operations
- You coordinate periodic internal security audits and risk assessments
- You support internal and external information security audits
- You support third-party related risk assessments
- You liaise with the EDF Group Cyber Group Office (GCO), aligning on:

- Compliance with the internal control framework
- Implementation of the Cyber Memorandum
- You perform other duties to support the improvement of security of the organization as required

**Your profile**
- You are independent, able to follow up your own tasks, and possess a self-starter mentality.
- You can advise and convince people without hierarchical relations through empowerment.
- You deliver concrete and tangible results (for example, policies and completed risk assessments).
- You have a helicopter view.
- You are a networker and team player, who is flexible.
- You are able to make decisions.
- You have a proactive and purposeful attitude.
- You are a correct communicator, able to interact with different levels in the organization.
- You possess analytical skills.
- You have in-depth experience in the governance, risk, and compliance domain and activities (risk assessment).
- You have extensive experience in writing content for policies and processes.
- You have experience operating GRC (Governance, Risk, and Compliance) solutions.
- You have extensive experience with third-party risk management and implementing ISO27001.
- You have fair knowledge of service management tools.
- You have a fair understanding of infrastructure and software generic components (network technology, operating systems, DBMS, development languages, etc.).
- You hold a bachelor’s degree in exact sciences or have gained equivalent knowledge through relevant work experience.
- Preferred certifications for you include: CISSP, CISM, ISO27001 lead implementer, and ISO 27005.
- You are fluent in English and Dutch or French

Other information

Curious about your benefits and more? Visit our jobsite.