Security Governance Expert @ Crelan
AM.S03690
Function
Purpose of the role
As Security Governance Expert, you will take the lead on security policies for the future of Crelan Bank. As such, you will help ensure that security policies, systems and controls evolve to remain compliant with our changing business and digital environment, customer expectations, and applicable regulations.
As an independent expert, you design, maintain and implement the necessary policy frameworks, standards and procedures that support the IT security strategy and the mitigation of security risks. You do this in collaboration with business and IT stakeholders.
You maintain and elaborate the Security Governance structure within Crelan. To this end, you consult with the various consultation bodies at the strategic, tactical and operational levels. You set up terms of reference for these bodies and follow up on the actions resulting from their meetings.
You are able to map the most important vulnerabilities and risks in the field of security. On this basis, you set priorities and define concrete actions. This information is used as input for drawing up the Security roadmap. You give advice and support in developing security strategies and policies and you are responsible for defining and applying standards, methods, procedures and guidelines.
You will join the GRC team and operate as the right hand of the Business Security Manager.
Duties and responsibilities
- You observe threats in terms of security risks in Crelan's landscape. You help develop a strategy to anticipate these threats and propose future-proof solutions;
- You are responsible for the development of policies within Crelan and ensure that they are mutually consistent. You ensure that they are carefully documented and comply with local regulations and contractual requirements. You perform regular checks to ensure compliance and maturity;
- As an expert, you monitor the various security policy frameworks;
- You ensure that a uniform framework is in place and maintain the ISMS;
- You are responsible for setting up and maintaining an annual 'security calendar' containing the timings of important meetings, assessments, reporting, etc.;
- Together with the Business Security Manager and CSO, you define, initiate and supervise (external) assessments such as ISO27k maturity assessments, ECB inspections, …;
- Thanks to you, the company is aware of security risks (awareness). You support the creation of an Awareness roadmap and are in the lead for the annual Security Day, the security training sessions and welcome sessions of new employees;
- You are an active partner in communication and consultation with all stakeholders with the aim of promoting support for information security. You also operate as 'master' of the CSO Dashboard (design, maintain, improve);
- You prepare the reporting on security maturity and risks to C-level management to clearly map the current status of security;
- Others learn from you the correct and complete security requirements when working for Crelan. You ensure these requirements are included in their contracts and monitor compliance;
- You support internal and external compliance and security audits.
Profile
- You preferably have a bachelor's or master's degree (computer science, engineering, economics, etc.) and a first five years of experience as an IT Security Officer or Security IT Risk/Governance Expert;
- You have initial experience in the field of information security and risk management;
- You have knowledge of information security management systems (ISMS), security risk management, third party risk management and enterprise risk management;
- You have knowledge of relevant information security policy frameworks, such as ISO2700X, etc.;
- You have a strong affinity and interest in risk management and experience with IT security and security in general;
- Your new colleagues will enjoy working with an independent, dynamic, enthusiastic and problem-solving colleague, who can also work as part of a team;
- A risk/security-related certificate (such as CRISC, CISSP, CISA, CISM, etc.) is certainly an asset, but definitely not a must.
Offer
- Crelan has been recognised as a Top Employer for the seventh year in a row;
- You will be working in a very challenging context. One of the biggest challenges is the transition to a uniform IT and security landscape, for which major investments are planned;
- The position has high visibility in the organisation. After all, Crisis Management, Business Continuity and security GRC are central to the organisation. In case of a crisis, this function will play a key role. The organisation counts on this function and the team managing this function for expertise and advice on these topics;
- A broad role with impact and mandate;
- A pleasant working environment with offices in Anderlecht and Berchem, where professional growth, autonomy in your job and a personal approach are key;
- Thanks to an extensive range of training courses, you will continue to build on your success. Besides on-the-job learning, we provide technical or bank-related training, language courses, and training on topics concerning personal development and self-care;
- A good work/life balance thanks to our sliding hours and homeworking.
Amon is the exclusive recruitment partner for this vacancy.
If interested, please contact Louise De Potter (ldp@amon.be).
Copyright Amon 2023