Functie

About our Business Supporting Functions (IT and others)

A global organization. It's not just those in our industrial sites and technical centres that are vital to Employer's growth. Across our business supporting functions we ensure that we continue to grow and evolve - whether it's by making sure our decisions are commercially viable, enhancing our reputation, building new customer relationships or finding the right people who can build on what we've already achieved. The variety of our work means we cannot stand still. We need to find new ways to do things, discover new solutions and develop new ideas. Which is where you come in.

What you will be doing

The IT Security Risk and Compliance Manager is responsible for driving on a daily basis the Employer Information and Security Management System (ISMS) in compliance with the ISO/IEC standard. He/she ensures the quality and consistency of the Employer ISMS, manages the different processes tracked within the ISMS and reports on the performance of the ISMS.

In the context of the ISMS, the IT Security Risk and Compliance Manager is responsible for leading and maturing the risk management processes for IT/Information Security, as well as actively raising the adherence to the Employer IT Security policy framework and initiating and leading the efforts needed to be compliant with IT Security standards as defined by our customers or regulatory instances.

The IT Security Risk and Compliance Manager performs these roles in close collaboration with the CISO, the IT Security team and all operational and regional teams within the Information Systems department (IS), Corporate Security and other Corporate departments & Sof's and Business ISMS Managers.
The IT Security Risk and Compliance Manager can be located in Brussels or Hoboken and reports to the Senior Manager IT License & Asset - IT Process Improvement.

Responsibilities

Information Security Management System (ISMS) Drive the Employer ISMS in compliance with the ISO/IEC standard, according to defined scope and objectives Define, supervise and contribute to recurrent ISMS activities e.g. ISMS Activity Calendar Plan, prepare and conduct ISMS governance meetings on tactical level (ISMS Board) and operational level (ISMS Review) Monitor open actions e.g. Gap Tracker and Risk Treatment Register Report on ISMS performance (e.g. ISMS Dashboard) and escalation matters to relevant governance bodies and obtain required outputs such as approvals, further escalations and actions to follow up. Define, drive and contribute to continual improvements Select and implement fit-for-purpose tools improving the effectiveness of the ISMS Define, manage and contribute to ISMS scope extensions in close collaboration with BU ISMS Managers Coordinate Internal and External Audit activities, and process outcome Communicate about the ISMS to relevant stakeholders across Employer Act as sounding board for BU ISMS Managers Risk Management Organise, conduct or periodically review Risk Assessments according to the ISMS Risk Management Methodology and ensure strict consistency across the different Risk Assessments Support and challenge Risk Owners in identifying risks and defining risk treatment actions. Update and monitor the Risk Assessment files and the Risk Treatment Register and other documentation (e.g. evidences) Further mature the risk management processes on operational and tactical level for IT/Information Security, and support... ... Jouw profiel - De realisatie van projecten superviseren en coördineren Ingrijpen in een informaticadon Beheer, beslissingneming Aanbod -