Cybersecurity Governance / Risk Officer

Join Keystone Solutions as a Consultant in Cybersecurity Governance and Risk

Are you passionate about Governance, Risk, and Compliance (GRC) in cybersecurity? Do you want to leverage your expertise across dynamic client environments? Keystone Solutions is looking for a Cybersecurity Governance or Risk Officer to join our team of consultants. You will play a crucial role in helping our clients align with industry regulations, manage risks, and strengthen their information security frameworks.

As a Keystone Solutions consultant, you will work on client-site projects while benefiting from the learning, career growth, and support that come with being part of a leading consultancy firm.

Role Overview

As a Cybersecurity Governance or Risk Officer, you will work closely with client stakeholders to ensure the effective application of Governance, Risk, and Compliance (GRC) strategies. This includes ensuring compliance with NIS2, GDPR, and other cybersecurity regulations while improving security risk management frameworks.

You will support the client's Chief Information Security Officer (CISO) team in designing and implementing policies, frameworks, and security best practices tailored to their operational needs. Your role will be instrumental in strengthening governance and ensuring adherence to cybersecurity compliance standards.

Key Responsibilities

Governance & Compliance

• Develop and maintain an effective GRC framework aligned with legal and regulatory requirements.
• Ensure compliance with NIS2, GDPR, and other relevant laws by implementing robust security governance models.
• Maintain relationships with regulatory bodies and ensure timely responses to policy changes.

Risk Management

• Conduct risk assessments to identify, assess, and mitigate cybersecurity and IT risks.
• Develop risk reports and communicate findings to client stakeholders.
• Monitor and report the effectiveness of risk management initiatives.

Information Security & ISMS Implementation

• Support the development and maintenance of Information Security Management Systems (ISMS) aligned with ISO 27001 and other security frameworks.
• Identify and classify information assets, assess vulnerabilities, and implement security controls.

Policy Development & Compliance

• Draft, update, and enforce cybersecurity policies, procedures, and guidelines in line with industry best practices.
• Drive security awareness programs across the clients organization.

Project Management & Stakeholder Engagement

• Lead and support GRC-related projects from initiation to completion.
• Collaborate with internal teams such as Security Architects, Cybersecurity, and Identity, Credential, and Access Management (ICAM).
• Act as a Subject Matter Expert (SME) for all GRC topics, providing advisory services to various departments.

Incident Management & Reporting

• Investigate compliance breaches and propose corrective actions.
• Prepare detailed security reports and present them to senior management and regulatory authorities.
• Contribute to continuous improvement by refining risk management methodologies and security frameworks.

Consultancy Advantage with Keystone Solutions

Why Join Us as a Consultant?

At Keystone Solutions, we provide a unique career opportunity beyond a standard in-house role. Here's what makes consultancy with us different:

Diverse Client Exposure Work on multiple client projects across different industries, gaining exposure to varied cybersecurity challenges.
Continuous Learning & Development Benefit from Keystones training programs, certifications, and mentorship, keeping you ahead in your field.
Career Growth As a consultant, you'll fast-track your career by handling high-impact projects that expand your expertise.
Supportive Team Environment Work alongside seasoned professionals who will support your growth and success.

Required Qualifications & Skills

Education & Certifications

Masters degree in Computer Science, Business Administration, Law, or a related field (or equivalent experience with a Bachelors degree).
Preferred industry certifications:

• CISSP (Certified Information Systems Security Professional)
• CRISC (Certified in Risk and Information Systems Control)
• PMP, Prince2 (for project management)
• ISO 27001 Lead Implementor (optional but highly valued)

Technical Knowledge

Extensive knowledge of:

• ISO 27001-27005, NIST Cybersecurity Frameworks
• GDPR, NIS2, and cybersecurity laws & regulations
• Information Security Management Systems (ISMS)
• Risk Management Frameworks (FAIR, etc.)
• GRC Tooling and Security Compliance Strategies

Experience

5+ years in a Governance, Risk, and Compliance (GRC) role, preferably in a complex enterprise environment.
Experience with risk assessment, vulnerability management, and security incident response.
Strong background in project management and delivery of ISMS audit evidence.

Soft Skills

Strong analytical and problem-solving skills
Excellent communication and stakeholder management skills
Ability to translate security requirements into business-friendly strategies
Comfortable working in high-pressure environments

Work Conditions & Location

Client-Site Engagement: This is a hybrid consultancy role requiring a minimum of 2 days per week at the clients Brussels office, with remote flexibility for the remaining days.

International Environment: Work with multilingual teams in Dutch, French, and English (C1 proficiency required).

Take Your Cybersecurity Career to the Next Level!

At Keystone Solutions, we provide an exciting career pathway where you'll work on high-impact client projects, build industry-leading expertise, and grow as a trusted cybersecurity consultant.

Ready to make a difference? Apply today and become a Keystone Solutions Cybersecurity Consultant!