Security Risk Manager

afarax is looking for a freelance Security Risk Manager. We need you!

The project:

Our client in the Transportation, Logistics, Supply Chain and Storage sector, is seeking an experienced Security Risk Manager to strengthen their team.

Your mission:

• Improve and formalise security risk management processes and procedures, ensuring they are pragmatic, scalable, and aligned with business needs.
• Conduct and support risk assessments, including identification, documentation, and evaluation of risks across IT and security domains.
• Propose and track risk responses that are proportionate and effective, ensuring mitigation plans are actionable and monitored.
• Follow up on action plans defined in the risk response to ensure timely execution and closure.
• Maintain and continuously improve the central risk register, ensuring it reflects current risk exposure and mitigation status.
• Collaborate with security architects to collect and analyse identified risks from technical assessments and project reviews.
• Act as a bridge between the CISO Office and the Enterprise Risk Management (ERM) function, ensuring alignment and consistency in risk reporting and governance.
• Lead and support awareness initiatives to promote a risk-conscious culture across the organisation.
• Contribute to the implementation and monitoring of NIS2 controls related to risk management, including reporting and documentation.

Is this you?

• 15+ years in IT/security, with 10+ years in Security Risk Management roles.
• Proven experience in IT risk management, information security, or governance roles.
• Strong understanding of risk assessment methodologies, control frameworks, and regulatory requirements (e.g. NIS2, ISO 27001, GDPR).
• Ability to design and implement risk management processes, including SOPs, workflows, and reporting mechanisms.
• Skilled in stakeholder engagement, with the ability to work across technical and business teams.
• Experience with risk registers, risk scoring models, and compliance tracking tools.
• Familiarity with enterprise governance structures and ERM integration.

Strong skills across key security domains, including:

• Network security
• Cryptography
• Identity and Access Management (IAM)
• Cloud security
• Infrastructure security
• Business continuity & backup

• Excellent communication and presentation skills, with the ability to raise awareness and influence decision-makers.
• Fluent in English; Dutch and/or French is a plus.

How afarax supports you?

• You benefit from our extensive network
• You will have access to projects that fit your expertise
• We help and support you throughout your project
• We offer the possibility to build a valuable and lasting partnership

Check out more projects on: