Cybersecurity Specialist – Third Party Risk Management

Our client, a leading provider of essential public infrastructure services, is seeking a Cybersecurity Specialist to join their digital security team. This role ensures a secure and resilient digital landscape by managing cybersecurity risks throughout the entire lifecycle of third-party relationships.

• Establish and continuously improve the cybersecurity Third Party Risk Management (TPRM) framework.
• Identify and analyze cybersecurity risks associated with third parties based on security questionnaires and documentation reviews.
• Define and monitor risk mitigation measures, acceptance conditions, and associated action plans.
• Review and secure cybersecurity requirements within procurement processes and tender documentation.
• Assess supplier proposals from a security, compliance, and risk management perspective.
• Provide reporting on third-party risks to management and propose continuous improvement actions.
• Collaborate with stakeholders in procurement, legal, and business units to ensure technical and regulatory alignment.

• 5+ years of experience in cybersecurity roles focusing on TPRM, Security Assurance, GRC, or Audit.
• You have proven experience in the review of procurement and tender documentation such as RFI, RFC, RFQ, and RFP.
• You possess strong knowledge of cybersecurity standards including ISO 27001, ISO 27002, NIS2, and GDPR.
• You're familiar with specialized frameworks such as CyFun, ISO 27036, and ISA/IEC 62443.
• You have the ability to assess technical solutions and architectures from a security and risk perspective.
• You bring a Master’s or Bachelor’s degree in IT, Law, Risk Management, or Information Security.
• You possess excellent analytical skills and the ability to synthesize complex information into structured deliverables.
• You are proactive, solution-oriented, and capable of managing priorities autonomously.
• You are fluent in Dutch (C1) and English (C1) with an active knowledge of French (B2).

Nice to Haves

• Strong ability to interact effectively with diverse stakeholders across legal and IT departments.
• Experience producing high-quality reporting for CISO level management.

• Start date: May 4, 2026.
• Duration: Until April 30, 2027.
• Work regime: Full-time.
• Location: Brussels.
• Working model: Hybrid (minimum 2 days onsite).
• Contract: open to both permanent employees and freelancers.