About the job: IT and Cyber Third Party Risk Assessor - Senior
Mission Overview:
This opportunity is a consultancy mission at a client site, where you will represent Keystone Solutions as an IT and Cyber Third Party Risk Assessor - Senior. As a Keystone Solutions consultant, you will be engaged in dynamic projects, working on-site and collaborating with client teams to deliver high-impact results while embodying our core values.
Mission Context:
As an IT and Cyber Third Party Risk Assessor, you will support IT and Business Units in developing robust operational risk management practices, with a focus on Information Security. Your responsibilities, carried out under Keystone Solutions’ consultancy model, include:
- Identifying operational IT and Cyber risks on assets, applications, projects, and third parties.
- Advising, consulting, monitoring, and reporting on risk treatment to optimize risk exposure and costs for IT and Business.
- Elaborating and managing the implementation of flexible strategies to reduce IT and Information Security risks in line with group policies.
Function Description:
- Executing IT and security risk assessments for IT and business, including projects and legacy assets (applications, business solutions, third-party organizations, processes), and maintaining identified risks in the risk registry database.
- Ensuring information security and IT requirements are included in third-party contracts.
- Executing information security and IT control plans on third parties to ensure contractual compliance.
- Coordinating and performing IT and security audits on third parties.
- Setting up processes and procedures for end-to-end IT and security management for third parties.
- Delivering consulting on risk management to internal customers (IT and Business).
- Reporting risks and overall risk posture regarding third parties to Information Security, IT, or Business Management.
- Contributing to the definition and improvement of risk management methods and tools, leveraging field experience and best practices (including regulatory frameworks such as Basel II, COBIT, ISO27000/31000).
Education & Certification:
- Bachelor’s or Master’s degree, or equivalent experience.
- Security certifications such as CISSP, CISM, CIPP, CCSK are valued.
Languages:
- Fluency in French or Dutch is required.
- Good command of English is necessary.
Work Location & Telework:
- Based in Brussels, with an expectation of 50% on-site and 50% homeworking.
Required Knowledge & Experience:
- At least 3 years of relevant experience in IT Risk Management.
- Significant experience in operational/security risk management.
- Knowledge of control frameworks and audit methodologies.
- Knowledge of Information Security and Risk Management frameworks (ISO27001, SOC, NIST, OWASP, etc.).
- Strong IT background.
Preferred Experience:
- Security certifications such as CISSP, CISM, CIPP, CCSK.
- Professional experience in Financial Services and large companies.
- Experience in process design and improvement.
- Experience in third-party IT and security assessments.
- Experience in data protection, business continuity, and access management.
- Experience in delivering presentations and training.
Soft Skills:
- Good autonomy and personal effectiveness.
- Strong verbal and listening communication skills.
- Ability to analyze situations and synthesize information.
Why Join Keystone Solutions?
- As a consultant, you will experience a variety of challenges across diverse client environments, accelerating your professional growth.
- Our dynamic projects offer turbo-charged learning and broad exposure to the latest industry practices.
- We are committed to your career development and ambition, providing a framework for you to reach new heights.
- Being a “K-Stone” means bringing our core values—excellence, integrity, and collaboration—to every engagement.
If you are ready to tackle technical and strategic challenges in a dynamic consultancy environment, apply today at the Keystone Solutions Career Portal.