-
Stott and May

Cybersecurity Risk & Compliance Consultant

Stott and May
Luxembourg · Contract · Mid-Senior

Senior IT & Cyber Risk Management Advisor


  • Role: IT & Cyber Risk Management Advisor (Expert Level)
  • Contract Type: Freelance (Long-term mission)
  • Location: Brussels, Belgium
  • Remote Work: Hybrid (50% on-site / 50% homeworking)
  • Required Experience: 8+ years


🎯 Mission Context & Role Objective

Joining the Governance, Risk, and Compliance (GRC) team of a major international financial institution, you will support IT and Business Units in developing and implementing robust operational risk management practices, with a primary focus on Information Security.

As an Expert Advisor, you will act as a strategic partner, helping to identify, advise, monitor, and report on risk treatment to reduce overall risk exposure across IT, Agile Constructs (Tribes/Squads), and third-party vendors at an optimized cost.


🔑 Key Responsibilities

  • Risk Lifecycle Quality Assurance: Oversee the IT and Cyber security risk QA process from initial identification, through risk treatment/mitigation, until final closure.
  • Stakeholder Advisory: Provide pragmatic advice and support on IT and Cyber Security Risk Management to internal IT and Business stakeholders.
  • Shadow IT Assessments: Perform comprehensive IT and Cyber risk assessments on Shadow IT situations (applications operating outside standard IT governance).
  • Governance & Executive Reporting: Synthesize complex data to report on overall risk posture and specific cybersecurity risks to IT, Security, and Business Management.
  • Framework Improvement: Contribute to the evolution of internal risk management methodologies and tools, bridging field experience with corporate security policies.


🛠️ Required Profile & Technical Skills

Must-Have Technical Expertise

  • ISMS & Control Frameworks: A minimum of 8 years of experience with a proven track record of linking Information Security Management Systems (ISMS) to practical IT Risk processes. Strong knowledge of control frameworks and IT audit methodologies is a must.
  • Cloud Security Governance: Significant, demonstrable experience identifying and managing risks tied to Cloud services (AWS, SaaS, HSP).
  • SDLC & IT Operations: Strong understanding of software development security best practices, combined with functional knowledge of operational ITIL processes (Change Management, Release Management, Incident Management, and Testing).


Sector & Language Requirements

  • Industry Experience: Previous experience working within a banking, financial services, or highly regulated environment is highly preferred.
  • Languages: Sound knowledge of English AND at least one local language (French or Dutch). Strong English writing and synthesis skills are mandatory.
  • Education & Certifications: Master’s degree preferred. Industry-recognized security certifications (CISSP, CISM, CIPP, or CCSK) are highly valued.


Soft Skills

  • Autonomy, proactivity, and strong personal organization.
  • Exceptional communication and interpersonal skills, with the ability to build relationships and communicate risk effectively to both technical teams and executive management.
  • Analytical mindset with the ability to produce highly structured, concise, and precise documentation.

Key Skills

Ranked by relevance

cyber security security certifications cybersecurity cloud cism itil saas cipp
Login to Apply
Posted
Jul 07, 2026
Type
Contract
Level
Mid-Senior
Location
Luxembourg

Industries

IT Services IT Consulting

Categories

Consulting

Related Jobs

3 roles aligned with this opportunity

View all jobs
View Job Details
Inetum
Related

IT Project Manager

2026-07-07

Full-time
Executive
Portugal
IT Services
Consulting
View Job Details
Inetum
Related

Full-Stack Developer (Node.js / AI Platform)

2026-07-05

Full-time
Executive
Portugal
IT Services
Consulting
View Job Details
ACEN
Related

Junior cybersecurity advisor

2026-07-08

Full-time
Entry
Belgium
IT Services
Consulting