Information Security and compliance consultant @ Itsme
AMKB03678
Function
Itsme is looking for an IT risk and compliance specialist whose mission will be to build and maintain the itsme® Information Security Management System (ISMS) based on an extended ISO/IEC 27001/27002 framework, and to assist the CISO / DPO and the SOC team with expertise on security and privacy governance as well as security best practices and technology advice. You will work closely with our Development and Operations teams as well as business stakeholders to identify and address information security and personal data risks, fully understanding and aligning with the itsme business requirements.
Tasks and responsibilities
- Continuously raise awareness within the organization, and where possible with suppliers and partners, on the topics of Information Security and the protection of personal data;
- Identify, analyse and assess Information Security Risks and non-compliances in collaboration with the CISO / DPO;
- Develop and elaborate the Information Security Policies as part of the ISMS;
- Integrate the required safeguards in operational processes, configuration baselines and overall Information Architecture;
- Follow up on the itsme ISMS implementation and the safeguards listed in the Statement of Applicability (SoA) together with the different teams and stakeholders within the organisation;
- Maintain the record of personal data processing activities (ROPA), and develop and update the required Data Protection Impact Assessments (DPIAs);
- Assist in the response to information security incidents and/or data breaches.
Typical tasks that will regularly land in your agenda:
- Updating the different ISMS and GDPR compliance documents and dashboards
- Elaborating topical policy documents
- Meeting with colleagues on different IT Security and privacy topics
- Creating summaries of findings from internal validations and meetings
- Elaborating mitigations, presenting them, and planning their implementation with the CISO / DPO and colleagues
- Contributing to internal and external audit missions
Profile
- A bachelor’s degree or equivalent experience
- Holder of an ISC2 CISSP, SSCP or equivalent certification. Other certifications (ISO 27001, ISACA CISM / CISA, GDPR, …) will be a plus
- Proven work experience of 5 years or more with Information Security risk, Compliance Assessments, Security mitigations and implementations, or similar areas of expertise
- Keywords in your expertise of compliance matters include any of the following: ISO 27001, GDPR, eIDAS, NIS2 or standards linked to them
- Experience in organizations and environments where security and personal data protection are of utmost importance.
- Insight into information security technology applied across a broad spectrum, including cloud technology, application-level firewalls, anomaly detection, SIEM, mobile app security, web application security, …
- Experience in applying standards such as OWASP, NIST, OpenID Connect, …
- A thorough knowledge of cryptographic principles and/or electronic signatures is a plus
- A strong and convincing communicator, you know how to deal with a multitude of stakeholders at different hierarchical levels both inside and outside itsme®.
- Writing skills that include the development of clear, concise and pragmatic guidelines in policies, procedures and instructions for colleagues and suppliers
Offer
- A fun, enthusiastic and ambitious team
- A fast-moving scale-up environment where you can develop and grow
- Offices in Brussels, combined with flexibility in terms of remote working
- A fixed contract, with an attractive compensation package
- Being part of our national and international growth
Keywords
Security