Security Grc Consultant

**About Devoteam**:
Devoteam is a leading consulting firm focused on digital transformation. We help our clients leverage technology to achieve their business goals.

Our **longstanding partnerships with leaders like AWS, Google Cloud, Microsoft, and ServiceNow**amplify our capabilities, allowing us to deliver top-tier expertise and award-winning services. We complement these partnerships with in-depth Cyber, Data & AI, Software development and multi cloud expertise.

For **30 years, we have always been guiding our customers on the next tech wave**. Devoteam has guided organizations through the Internet and cloud. The next revolution? AI.

With **11,000 tech natives working in 25+ countries, we bring you highly skilled IT experts across Europe**

At Devoteam, **tech is in our DNA**, and it’s the people we empower with tech. Now, with responsible AI, we’re ready to unlock a future where technology drives positive change.

**What are we looking for?**

As a Security GRC consultant, you are able to engage with our clients in all industry sectors to scope out their cyber requirements and to deliver on their Governance, Risk and Compliance projects based on your expert advice. You are able to help clients understand their risk exposure in their environment and design solutions to remediate their risks.

**What will your day look like?**

You will adopt and integrate Compliance & Risk Frameworks for specific projects at our clients. This can include data entry into ServiceNow GRC tool, creating status reports and maintain statistics. You will also support our clients in the development of their security program regarding compliance and data privacy, which includes performing or documenting Framework Assessments; advising on or creating appropriate Policies; and revising, creating, or assisting in the creation of Risk Management, Incident Response, and Business Recovery programs.

**Who will you work with?**

You will be part of the Cyber Trust team with more than 50 people in Belgium, exchanging insights and knowledge, “ensuring a secure IT environment protecting the business goals”. You will work with our customer’s business and technical employees to capture, discuss and verify cyber risks. You work on flexible daily basis, on-site at client’s office, at Devoteam in Zaventem or at home. You will report to your practice manager, who will be your point of contact for development and career guidance.

**We Hire for Attitude and Train for Skill**

The person we are looking for combines the qualities of a good communicator and an expert in the domains of Information Security, Cybercrime, and IT. The more boxes you can tick in the list below, the closer you match the ideal profile we are looking for.

**Technical Skills**
- Experience with Governance, Risk and Compliance (GRC) and Enterprise Operational Risk Management Projects, Business Continuity Management and Internal Audit to meet regulatory requirements
- Experience of working in an environment where you have delivered GRC solutions to clients in a complex technical environment, meaning assessment, design and implementation of ISMS, risk management and compliance programs.
- Experience with data analysis tools (PowerBi, SQL) and techniques including advanced concepts of Microsoft Word, Excel, and PowerPoint and/or other analytical software
- Awareness of IT and risk control frameworks (ISO27001/ISO27002, ISO27005, CIS 20,). PCI-DSS, SOC2, EU NIS, GDPR.
- Experience in advanced configuration (business rules, workflow, notifications, user stories, scripts, etc). Experience implementing GRC platforms is a plus. Knowledge of agile development process is a plus.

**Desired/Preferred Certifications**
- Master’s degree in computer science/Engineer/Cyber Security or relevant work experience in IT Security.
- ISO 27K lead auditor or Lead Implementer
- ServiceNow GRC certification is a plus.
- Data Privacy and Information Security Certifications are valued including: CISSP, CEH, C/CISO, CISA, CISM, CRISC, CDPSE, CIPP/US, CIPM, CIPT or TOGAF

**Who you are**
- You have a passion for Cyber Security, being the basic ingredient of success.
- You have the necessary soft-skills set to successfully understand, challenge and translate the business needs and communicate to the relevant parties with a structured and methodical approach to problem solving
- You have good presentation and writing skills, as you will be expected to brief others on your findings and recommendations.
- You are a team player and have the talent to cooperate with colleagues in in a changing and fast evolving environment.
- You are well organized and work effectively and independently.
- You are a self-starter, pro-active and you take initiative.
- You are creative, have a critical mind and you like to think out-of-the-box, with focus on solutions rather than problems.
- You are prepared to constantly keep your knowledge up to date, follow trainings or through self-study.
- Customer focus is your second n