Security & Risk Ananlyst (GRC) M/V/X

Beschrijving van de functie

The Role

We are looking for an Information Security & Risk Analyst to strengthen our Security Office. Based in our Belgium (Diegem) office and reporting directly to the Security Officer, you will play a key role in maintaining and evolving our information security and risk management practices.

This role is ideal for someone with a solid foundation in information security who is ready to take ownership of operational responsibilities, contribute to strategic initiatives, and ensure secure, compliant, and sustainable management of IT assets.

Your Responsibilities

 

Information Security & Compliance

• Support the Security Officer in developing, implementing, and maintaining the Information Security Management System (ISMS).
• Contribute to the implementation and continuous improvement of ISO/IEC 27001.
• Maintain a high-level understanding of NIS2 requirements and support alignment with regulatory expectations.
• Participate in risk assessments, audits, and internal reviews.
• Monitor and report on recurring security activities (control plans, patch management, security configurations, exception management, quality controls).
• Document security processes and procedures clearly and consistently.
• Stay up to date with emerging threats, technologies, and regulatory developments.

IT Asset & Supplier Management

• Take ownership of IT asset lifecycle management from procurement to retirement.
• Maintain and update the CMDB / asset register, ensuring accuracy and proper classification.
• Support IT supplier management with a focus on security, cost efficiency, and sustainability.

Collaboration & Awareness

• Work closely with enterprise architecture, software development, system operations, and internal IT teams to align projects with security principles.
• Support security awareness initiatives and help foster a strong security culture.
• Report regularly on risks, issues, and corrective actions.

 

Jouw profiel

Your Profile

 

Education & Experience

• University degree in Information Security, Computer Science, Information Systems, Engineering, or equivalent experience.
• 2-4 years of experience in information security, GRC, SecOps, or a related field.
• Security certifications (e.g. ISO/IEC 27001 Lead Implementer) are a plus.

Technical Skills

• Practical knowledge of ISO/IEC 27001, NIS2, and cybersecurity fundamentals.
• Experience supporting compliance or audit activities.
• Understanding of IT infrastructure, networks, and application development practices (DevOps experience is a plus).
• Familiarity with identity and access management in Microsoft Active Directory and Microsoft 365 environments.
• Willingness to take ownership of IT asset procurement and lifecycle management.
• Exposure to security automation or monitoring tools is an advantage.
• Experience with the Atlassian stack (Jira, Confluence, Jira Service Management) is a plus.

Soft Skills

• Strong communication and stakeholder management skills.
• High level of organization and attention to detail.
• Collaborative mindset and ability to work in cross-functional teams.
• Professional working proficiency in English.

Taalvaardigheden

• Nederlands (troef)

  • Begrijpen : Basis (A)
  • Schrijven : Basis (A)
  • Lezen : Basis (A)
  • Spreken : Basis (A)

Voordelen van de betrekking

Offer

perm contract + car 

Wil je meer weten over dit beroep of over een beroep dat erop lijk? Vind alle nuttige informatie op Beroepenpanorama. Beroepen Panorama