IT Security Risk and Compliance Manager

il y a 3 semaines

Antwerpen, Belgique Umicore Temps plein

Belgium - Hoboken
Information Systems
Information Technology

Posted on 09-07-

About Umicore

Reducing harmful vehicle emissions. Giving new life to used metals. Powering the cars of the future. As a global materials and technology group, we apply our specialist knowledge to offer materials and solutions that are needed to everyday life. We strive to be a clear world leader in materials for clean mobility and recycling and have turned our sustainability approach into an even greater competitive advantage. With ambitions like this, imagine what you could do?

About our Business Supporting Functions (IT and others)

A global organization. It’s not just those in our industrial sites and technical centres that are vital to Umicore’s growth. Across our business supporting functions we ensure that we continue to grow and evolve – whether it’s by making sure our decisions are commercially viable, enhancing our reputation, building new customer relationships or finding the right people who can build on what we’ve already achieved. The variety of our work means we cannot stand still. We need to find new ways to do things, discover new solutions and develop new ideas. Which is where you come in.

What you will be doing

The IT Security Risk and Compliance Manager is responsible for driving on a daily basis the Umicore Information and Security Management System (ISMS) in compliance with the ISO/IEC standard. He/she ensures the quality and consistency of the Umicore ISMS, manages the different processes tracked within the ISMS and reports on the performance of the ISMS.

In the context of the ISMS, the IT Security Risk and Compliance Manager is responsible for leading and maturing the risk management processes for IT/Information Security, as well as actively raising the adherence to the Umicore IT Security policy framework and initiating and leading the efforts needed to be compliant with IT Security standards as defined by our customers or regulatory instances.

The IT Security Risk and Compliance Manager performs these roles in close collaboration with the CISO, the IT Security team and all operational and regional teams within the Information Systems department (IS), Corporate Security and other Corporate departments & SOF’s and Business ISMS Managers.

The IT Security Risk and Compliance Manager can be located in Brussels or Hoboken and reports to the Senior Manager IT License & Asset - IT Process Improvement.


RESPONSIBILITIES

Information Security Management System (ISMS)Drive the Umicore ISMS in compliance with the ISO/IEC standard, according to defined scope and objectives Define, supervise and contribute to recurrent ISMS activities: e.g. ISMS Activity CalendarPlan, prepare and conduct ISMS governance meetings on tactical level (ISMS Board) and operational level (ISMS Review)Monitor open actions: e.g. Gap Tracker and Risk Treatment RegisterReport on ISMS performance (e.g. ISMS Dashboard) and escalation matters to relevant governance bodies and obtain required outputs such as approvals, further escalations and actions to follow up.Define, drive and contribute to continual improvementsSelect and implement fit-for-purpose tools improving the effectiveness of the ISMSDefine, manage and contribute to ISMS scope extensions in close collaboration with BU ISMS ManagersCoordinate Internal and External Audit activities, and process outcomeCommunicate about the ISMS to relevant stakeholders across UmicoreAct as sounding board for BU ISMS Managers Risk ManagementOrganise, conduct or periodically review Risk Assessments according to the ISMS Risk Management Methodology and ensure strict consistency across the different Risk AssessmentsSupport and challenge Risk Owners in identifying risks and defining risk treatment actions.Update and monitor the Risk Assessment files and the Risk Treatment Register and other documentation (e.g. evidences)Further mature the risk management processes on operational and tactical level for IT/Information Securityupport the CIO/CISO on strategic level Compliance ManagementManage the IT Security policy frameworkEnsure IT Security policies reflect IT Security standards as defined by customers and regulatory instancesCollect and propose potential policy amendmentsAlign with relevant stakeholders about these changes and submit them for approval to the relevant governance bodiesLead the periodic review of IT Security policiesCommunicate about the IT Security policies and related updatesInspire the IS organization and beyond to strive to adhere to the IT Security policies. This includes raising security awareness where needed.Measure, analyse and report through (self-)assessments on the level of adherence to the IT Security Policies Support and challenge IT Asset Owners/Managers and Control Owners in identifying gaps and corrective actions as well as support them in designing and implementing adequate controls.Update and monitor the Gap Tracker including exceptionsFulfil IT security questionnaires on request of customers or business partnersContribute to assess the IT security posture of third partiesWatch for and assess IT Security standards (e.g. NIS2, TISAX, …) and PII legislations (e.g. GDPR, PIPL, PIPA, …) and as a result initiate appropriate actions/projects to ensure compliance

Who we are looking for

You hold a Master degree You have at least:10 years of experience in IT (Security)5 years of experience in international and global organizations5 years of management experience in a management position or as a senior project manager3 years of experience in security risk assessments, risk management and security controls. You have strong analytical and reporting skills You have strong oral and written skills to translate complex risk requirements. You are disciplined and methodological in your way of working You have strong planning and coordination skills You have a mature personality with excellent interpersonal skills You are able to establish credibility with senior stakeholders You have good presentation skills You have knowledge and understanding of:IT (networking, infrastructure layer, application layer, etc.) and IT Security.IT (Security) operations and processes. You have strong knowledge and understanding of :Information Security standards (e.g. ISO , TISAX)PII legislations (e.g. GDPR)Risk Management frameworks MS office products You are fluent in writing and speaking in English You obtained professional certifications such as ISO Lead Implementer, CISM, CRISC , or equivalent. You keep yourself up-to-date on latest cyber and information security trends and threats

What we offer

We aim to lead the way. Not just for our customers, but for our employees too. That is why we strive to create a collaborative environment in which we can all succeed, and a culture through which we can all share ideas, develop our expertise and advance our careers. As you would expect from a world-leading organization, we will also reward your contribution with a competitive salary and benefits. With all this and more, imagine what you could do?

If our pioneering approach can make us a leader in sustainability , IMAGINE WHAT YOU COULD DO?

Apply

  • Cybersecurity and Compliance Officer

    il y a 4 semaines

    Antwerpen, Belgique Tech & IT People™ Temps plein

    Are you a **Cybersecurity and Compliance Officer** passionate about leading enterprise-wide risk management initiatives? Join us, and let's work with our **cross-national team** on projects that protect critical infrastructure through advanced threat detection. You'll be able to work with advanced compliance frameworks and international security...

  • Security and Compliance Officer

    Il y a 5 mois

    Antwerpen, Belgique Gorilla Temps plein

    We're at a turning point in history. Climate change is changing the world faster than ever before. Utilities will play a crucial role in the transformation of our society to fight climate change and become carbon-neutral, while at the same time making sure people and businesses can continue to use energy supply like they've been used to for so many years._ -...

  • Risk & Compliance Officer Mpet

    Il y a 6 mois

    Antwerpen, Belgique PSA Antwerpen Temps plein

    **Contract**: - Fixed Contract**Werkervaring**: - At least 5 years of relevant experience**Plaats van tewerkstelling**: - Deurganck Terminal, Left Scheldt Bank The offices are situated on the terminal, in the middle of the daily operations of MPET.**Jobomschrijving**: The Risk & Compliance Officer acts as the primary interface with local management...

  • Governance Information Security Officer

    Il y a 5 mois

    Antwerpen, Belgique D.A.S. Temps plein

    **Over ons**: As a GISO, you will join the Risk team. The GISO is a key control function within D.A.S. As a second line function, it ensures the adequate implementation of Information Security Controls and Policies within the company and the adequate fulfillment of corresponding regulatory/group/local requirements.You will be part of a team of 7 peoples...

  • IT Manager

    Il y a 5 mois

    Antwerpen, Belgique Tax Consult Temps plein

    Departement: - Internal Services- Experience: - 4-6 years**Your future employer** Tax Consult is a company providing tax, accounting and advisory services to international groups as well as to Belgian based small and medium companies. Our history began in 1981 when we opened the first office in Brussels. In addition to the Brussels office, we also have an...

  • General Manager Compliance

    Il y a 6 mois

    Antwerpen, Belgique Vanbreda Risk & Benefits Temps plein

    Functie Wat zijn jouw verantwoordelijkheden? Vanbreda Risk & Benefits is op zoek naar een ervaren Compliance & Risk Management Officer om het General Management team te versterken. Vanuit jouw rol informeer en adviseer je de organisatie om onze groeiambities te alligneren met de regelgevingen die van toepassing zijn binnen de verzekeringssector. Als...

  • Talent IT

    il y a 1 mois

    Antwerpen, Belgique Talent IT Temps plein

    VerantwoordelijkhedenStrategische Groeibijdrage: Samen met de IT Director en het hele team werken aan de verdere groei van de IT-organisatie. Actieve rol in het opzetten, beheren en verbeteren van bestaande en nieuwe services, processen en tools.Governance en Communicatie: Verantwoordelijk voor een sterke governance en communicatie binnen IT.IT Tendensen:...

  • ERP Security Manager

    Il y a 5 mois

    Antwerpen, Belgique Johnson & Johnson Temps plein

    We are an equal opportunity employer and value diversity at our company. Our team is a multifaceted group of friendly tech professionals working from multiple locations. Do you want to join us on our journey? We are redefining our traditional ERP solutions into the latest and greatest S/4 HANA solution revolutionizing user experience and enabling us to...

  • Compliance en Risk Consultant

    Il y a 5 mois

    Antwerpen, Belgique TVM Belgium Temps plein

    Heb jij oog voor risicomanagement en naleving van interne en externe regelgeving? - Heb jij een passie voor controle en kwaliteit? - Werk jij nauwkeurig en gestructureerd? - Ben je communicatief vaardig en maak jij snel verbinding? - Heb je een proactieve houding? Dan ben jij misschien wel de persoon die wij zoeken in de functie van Compliance en Risk...

  • Security Service Delivery Manager

    Il y a 6 mois

    Antwerpen, Belgique NRB Temps plein

    **Ready to take on new challenges ?** Do you want to boost your career towards a** Security Service Delivery Manager/Security Service Provider SPOC **role? Join our **Security Services** team ! The NRB group is now the sector leader in Belgium and we offer IT services that meet all IT needs: Consultancy & Managed Staffing, Infrastructure & Cloud, Software...

  • Head of Compliance

    Il y a 6 mois

    Antwerpen, Belgique Robert Half Belgium Temps plein

    **Robert Half** **Talent Solutions** is currently looking for a **Head of Compliance **for a permanent position based in Antwerp. **Robert Half** **Talent Solutions** is currently looking for a **Head of Compliance **for a permanent position based in Antwerp. Our client is a fast growing company active in the **banking sector**. As **Head of Compliance...

  • Senior IT Risk Advisor, Belgium

    Il y a 6 mois

    Antwerpen, Belgique Think Global Recruitment Temps plein

    This isn't just a job—it's a gateway to a fulfilling career and a fulfilling life. Antwerp awaits, offering you the chance to immerse yourself in its rich culture, top-notch educational institutions, and a plethora of leisure activities. Imagine yourself thriving in a bustling mid-sized firm that prioritizes the well-being and development of its people...

  • Head of Compliance, Belgium

    Il y a 3 mois

    Antwerpen, Belgique Saxo Bank Temps plein

    Head of Compliance, Belgium Are you either an experience compliance professional with at least 5 years'+ experience? Do you have a diverse skillset with a desire to both set the direction and to execute it? Within the Compliance team of the Saxo Bank Mid-Europe Region we are looking for a Head of Compliance & Risk Management for our Belgium Branch...

  • Senior IT Risk Advisor, Belgium

    Il y a 5 mois

    Antwerpen, Belgique Think Global Recruitment Temps plein

    Are you a dynamic, "think out of the box" professional seeking a rewarding career in a proactive team? We have a phenomenal opportunity based in Antwerp, Belgium with a mid-sized firm, that truly prioritizes the wellbeing of its people. Antwerp is celebrated for its charming neighbourhoods, green spaces, and cultural diversity. It offers a high quality of...

  • Trade Compliance Manager

    Il y a 6 mois

    Antwerpen, Belgique Johnson & Johnson Temps plein

    Johnson & Johnson is recruiting for a Trade Compliance Manager, located in Belgium or Switzerland responsible for the EMEA Trade Compliance Operations Team for Innovative Medicine (IM). **Global Transportation & Trade Operations EMEA **supports both sectors of Johnson & Johnson: MedTech and Innovative Medicines, leads a sophisticated transportation and...

  • Compliance Employee

    Il y a 5 mois

    Antwerpen, Belgique Axis Temps plein

    Do you have a first working experience within Compliance and do you wish to be part of an enthusiastic compliance team within a growing private bank ? The Compliance Department deals with the risks related to integrity, duty of care and data protection from a second-line position. The team is in close contact with all layers of the organization both in...

  • Manager Manufacturing

    Il y a 5 mois

    Antwerpen, Belgique Johnson & Johnson Temps plein

    This position reports to the Head, Technology Compliance. **Approximate Percentage of Time**: **Tasks/Duties/Responsibilities** 60% **Risk-Based Closed Loop Supplier Audit and Periodic Review Programs**: - Leads and executes closed loop periodic reviews of J&J Segment (Pharm, Med Tech and Enterprise) GxP computerized systems that are supported by...

  • Com­pli­an­ce & Risk Mana­ge­ment Officer

    Il y a 5 mois

    Antwerpen, Belgique Vanbreda Risk & Benefits Temps plein

    **Wat zijn jouw verantwoordelijkheden?** Vanbreda Risk & Benefits is op zoek naar een ervaren Compliance & Risk Management Officer om het General Management team te versterken. Vanuit jouw rol informeer en adviseer je de organisatie om onze groeiambities te alligneren met de regelgevingen die van toepassing zijn binnen de verzekeringssector. - Als...

  • Operational Risk

    Il y a 2 mois

    Antwerpen, Belgique DELA Temps plein

    Ben jij een business-minded professional met ervaring in compliance en operationeel risicobeheer binnen de financiële sector? Hou je van de combinatie van analyse en impact, zodat jouw aanbevelingen worden gerealiseerd? Ben je gemotiveerd om jouw carrière in de verzekeringssector uit te bouwen? Operational Risk & Compliance Officer Als _Operational Risk...

  • Manager Risk

    Il y a 5 mois

    Antwerpen, Belgique Delhaize Temps plein

    **Je verantwoordelijkheden**: Running a sustainable business, where risks are managed in a responsible way, requires insight in relevant financial reporting, operational, compliance and strategic risks. As part of the Company’s 2nd line of defense, the Risk and Controls (R&C) function supports global, regional and local senior management in their discharge...