Risk & Control Management Expert (ServiceNow GRC, Controls)

Risk & Control Management Expert (ServiceNow GRC, Controls) – Brussels

Duration: 1 year

Rate: Flexible

Hybrid: 4 days onsite per month, the rest can be worked remotely

UK contractors must use an Umbrella

Role

This role focuses on managing the control framework, encompassing critical IT and security domains such as Identity & Access Management, Vulnerability Management, Security Monitoring, Incident Management, Platform, Network, and Application Security.

The clients control framework aligns with industry standards including IT COBIT, ISO 27001/2, and CIS.

It is currently being implemented in the ServiceNow GRC platform.

As part of this role, you will actively contribute to defining and implementing controls (change) and managing them as they transition to live operation for continuous monitoring and improvement (run).

• Your responsibilities include designing and rolling out effective controls to address key risks and regulatory requirements across security domains following agreed Control Management process and onboarding implementation procedure.
• By promoting and implementing controls, you will improve the risk culture and control maturity within the IT organization.
• You’ll collaborate closely with process owners, control owners, and performers across IT divisions and locations. Additionally, you’ll engage with second and third lines of defense, including Risk Management and Internal Audit.
• A strong risk attitude, relationship-building skills, and a desire to drive IT and Security Risk transformation are essential for success in this role. Proficiency in both oral and written communication, as well as influencing, are key proficiencies!

Qualifications, professional skills and experience

• University Master’s degree or equivalent experience (education in computer science, engineering, or cybersecurity is a plus).
• 7+ years of field experience in the risk and control environment, preferably in the area of controls design and implementation within large or enterprise multi-platform-based IT environments.
• Good knowledge of the key principles of Information Security Management Systems and various Technology Domains.
• Certifications in security, such as CISSP, CISM, or GIAC, provide a key advantage.
• A proven understanding and experience with ServiceNow GRC or an equivalent solution is a strong asset.
• Proficient proficiency in English (verbal, writing, and presentation).

Soft skills

• You have a strong risk and control mindset; you are thorough and strive for high quality in your work.
• You have good communication skills, whether on the field, in the team or with management: you are a great teammate and coordinate work amongst people from different areas or divisions. A good relationship builder with diplomacy skills
• You are a highly motivated self-starter and you can work proactively in an environment with challenging priorities
• You have the ability to challenge and influence other IT and Security authorities. You acquire approval of others with good arguments, appropriate influencing methods and personal assertiveness (persuasion), constructively challenging and negotiating at levels up to upper management.
• You are able to act as SME in the field and share experience with other Team members.

Please do send across an up to date CV to eobiechefu@welovesalt.com

*Rates depend on experience and client requirements