ITeam4 jouw carrière

Job Info

  • Duur: 6 months, extension possible
  • Start: Asap
  • Locatie: Brussels
  • Ervaring: At least 5 years of relevant experience. Preferable experience in information security.


Suikertorenweg 35
2560 Kessel
Tel: +32 495 32 36 05

Information Security Control Officer

Referentie: 101525

We Team 4 an Information Security Control Officer

Rollen en verantwoordelijkheden

An Information Security Control Officer will carry the following responsibilities:

•  Coordination:
•  Coordinates/ oversees the ISCP activity and its compliance with requirements from the bank ISNF ( Information Security Normative Framework);
•  Define the operating mode of the security controls via the creation and maintenance of Governance/Process documentation, Control Reference Card template, Centralized controls repository.
•  Write memos/reports on control results and progress of remediation actions to the attention of senior management.
•  Control: executes level 2 controls;
•  Identifies Control points that can help verifying:
•  that the organization is adequate to steer the information security activity;
•  whether level 1 controls exist and are effective.
•  For each run of the control plan, consolidates the control results obtained from the different entities. Check the coherence of the control results based on evidence received. Challenge anomalies.
•  Performs a follow-up and report on the progress of the identified remediation actions. These remediation actions are contained in a central repository which requires proper administration.
•  Alert: escalates in case of non-deployment of the bank ISCP or in case (major) control results are contentious (validity; effectiveness; etc.).
•  Advisory: provides advice and assistance to the Process/ Asset owners with regards to the definition and implementation of the ISCP level 1 controls.
•  Help operational management with definition of security controls, with completion of Control Reference Card and advice on control maintenance.
•  Help operational management with the identification of remediation actions to address control defects and with follow-up on their progress till their closure.


Bachelor/Master or equivalent by experience

Context van de missie

The Information Security and Risk Management department supports IT and Business Units to develop adequate solutions in Information Security and Risk Management practices.
The mission of ISRM is:

•  to enable sound and formal information security risk decision making by management, and
•  to help management with implementing a proper information security management system.
Implementation of a suitable ISMS (‘Information Security Management System’), includes policies, processes, procedures, organizational structures, software and hardware functions, and the corresponding (permanent) controls.
Bank’s ISCP ( Information Security Control Plan) formalizes and documents those (permanent) controls. It includes a set of controls to be executed in order to ensure that the information security organization, processes and/or information assets are managed in compliance with policies and procedures and that they are risk-controlled:
•  Level 1 controls, which are carried out by and under the responsibility of the operational management in charge of the implementation of information security (e.g. process/ asset owners);
•  Level 2 controls, which are carried out by ISRM as independent control function.
To support ISCP activity, we are looking for an Information Security Control Officer.


  • Dutch: Excellent
  • French: Excellent
  • English: Excellent
  • German: N/A
  • Spanish: N/A

Soft Skills

  • Team player
  • Quick self-starter
  • Pro-active attitude
  • Good Communication and Influencing skills
  • Good analytical and synthesis skills
  • Autonomy, commitment and perseverance
  • Ability to work in a dynamic and multi-cultural environment
  • French fluent speaking, good writing
  • Dutch fluent speaking, good writing
  • English fluent speaking and writing


  • Solid knowledge of Excel – pivot tables, formulas; Practical experience of SharePoint as administrator and user.
  • Preferable; Good understanding of IT security technology and processes (secure networking, web infrastructure, WinTEL, UNIX, etc.); Auditor experience;
  • Experience within the Banking and Finance Industry
  • Experience in working in cross-functional departments and teams.
  • Practical exposure to process management.
  • Capability to quickly understand end-to-end process flows and control needs
  • Experience in creating memos to the attention of senior management level
  • Preferable; Proven experience in designing and implementing controls
  • Preferable; Knowledge of Information Security (preferably based on ISO 27001- 27005 standards)