Home
Jobs
AlmavivA de Belgique
PEP- Security Specialist-18/04/25

PEP- Security Specialist-18/04/25

On site

Brussels, Belgium

Full Time

11-04-2025

Share this job:

Score my CV Apply

Job Specifications

Nature Of The Tasks

Advises the IT Units in any area and domain related to information and IT security, in close collaboration with the LISO. The security expertise can range from policymaking to operational control, architectural design, training, products and technology knowledge with concern for their updating and maintenance.

Assists DG TAXUD in monitoring and coordinating information security and IT security issues, acting as a facilitator to align all efforts towards project objectives.

Translates security requirements into technical requirements and architecture design.

Verifies compliance of DG TAXUD’s information and information systems with the Commission’s security policy.

Assesses the performance of the contractors in the implementation of DG TAXUD’s security requirements.

Reviews the quality and conformance of the technical deliverables (specification, software, documentation, security plans) and services with a focus on security and continuity.

Monitors the operations and advises on business continuity and disaster recovery.

Assists DG TAXUD in the definition of its Information Systems Security Management (ISSM).

Clarifies security issues and prevent potential security incidents.

Performs technical security assessments and studies.

Proposes technical solutions in security-related areas (i.e. privileged identity management, firewalls, vulnerability management).

Conducts security assessments and vulnerability scans to identify and mitigate risks.

Ensures compliance with industry standards and regulations (e.g., GDPR, HIPAA).

Collaborates with development and operations teams to integrate security into the DevSecOps pipeline.

Responds to security incidents and provide recommendations for improvements.

Ensures the necessary security requirements are complied with from the perspective of data sovereignty, cybersecurity, availability, confidentiality, integrity, etc.

Identifies and proposes mitigation actions to avoid security incidents.

Ensures technical aspects of the design, implementation, and operations are aligned with security principles, requirements, and expectations. Supports procurement and contract management activities from a security perspective.

Reports on the status, risks, and mitigation actions in this respect.

Specifically for cloud: o Develops and implements security strategies to protect cloud-based systems and data. o Follows up and coordinates all efforts on design, implementation, and operations of a cloud solution from a security perspective

Level:Senior

Delivery Mode: Near Site (Brussels)

EQF Level 6 in Information Security, Cybersecurity, Computer Science, or a related field.

About the Company

AlmavivA de Belgique is a new Belgian IT company, a branch of the AlmavivA Group , created purposely to satisfy the needs of customers in Belgium, Luxembourg and the entire EU. The AlmavivA group is the largest supplier of Information & Communication Technology in Italy, with years of experience and an in-depth understanding of the public and private sector markets. The Group is currently undergoing major international expansion and is already a global operation: it has 43 offices in Italy and 23 abroad, and employs 45,000... Know more

Related Jobs

Company Name: Wavestone
Job Title: Cybersecurity Consultant – Permanent and Intern
Job Description: Company Description Wavestone is a leading global transformation consulting firm known for navigating critical challenges and driving sustainable growth. We aim to deliver lasting change that positively impacts customers, communities, and society. Our journey is defined by a true team spirit, where support, encouragement, and motivation are the keystones of our collaborative environment. Drawing on more than 5,500 employees across Europe, North America, and Asia, we seamlessly combine first-class sector expertise with a 360° transformation portfolio of high-value consulting services. In cybersecurity, Wavestone stands out with a robust and proven expertise. Our dedicated team of over 1,000 cybersecurity consultants operates across most of our global locations. With more than 20 years of experience in cybersecurity, we serve organizations across all sectors – financial services, industry, retail, energy, transport, services, public sector, and international institutions. Our expertise spans every type of organization, enabling us to deliver tailored solutions and act as an independent, critical partner in securing their strategic transformations. Our clients value our independence, our profound technological expertise, and our ability to work alongside them to reflect, analyze, and act. That’s how we make change happen. Dedicated to diversity and inclusivity, Wavestone fosters a collaborative and dynamic work environment. Our core values - energetic, responsible and together - shape the foundation of our corporate culture. Join us for a rewarding career in management consulting, offering competitive compensation, continuous learning, and ample opportunities for professional growth. For more information, visit www.wavestone.com and become part of our journey to shape a positive and impactful future. Job Description Based in Brussels and currently gathering 35 consultants, the Wavestone Belgium office is expanding significantly, driven by market demand for consulting advice/support in our specialist focus area of Cybersecurity. This is an outstanding opportunity for talented people to work on a hot topic at the crossroads of technology and management while participating in the development of the Belgian office. What will you do? As a consultant in cybersecurity, you will contribute to a variety of client and internal projects. These projects will allow you to develop key consulting skills (analysis & synthesis, customer relationship management, etc.) and to raise your expertise in areas such as risk management, cybersecurity strategy, crisis management, NIS2 compliance, AI applications in cybersecurity, and resilience. You'll have the opportunity to support clients in strengthening their cybersecurity postures, aligning with new regulatory requirements, and implementing resilient frameworks to protect against cyber threats. Each consultant is also required to provide support to internal activities such as business development, recruitment, event management, and contributing to the office life. New comers will attend our training path (combining soft skills and cybersecurity expertise) but above all, you will benefit every day, from the experience of your colleagues and project managers. Qualifications Who are we looking for? A graduate with a master’s degree in engineering or management, with a genuinely interest for cybersecurity and digital topics, or an experienced professional with a few years of cybersecurity expertise. An enthusiastic personality with consultant skills (intellectual curiosity, sharp sense of analysis, teamwork, taste for innovation, etc.) A very good interpersonal skills, a collaborative working style and a pro-active attitude to build a relationship of trust with your colleagues and with customers to deliver with excellence their major transformation projects A taste for entrepreneurship and innovation, making you eager to embrace new challenges with a motivated and highly competent team Fluency in French or Dutch (C2) AND English (C2) Practical information for interns: Terms & Length: The minimum duration of the internship is 6 months to give you time to develop a concrete project and become part of the office and not only observe but fully integrate the team as a consultant. The exact length of the internship is open to discussion. Management: Your internship will be guided by a member of the consulting team who will help you to acquire the skills of a good consultant. Opportunity: We have decided to pay our interns for the work they do and see the internship as a first step towards permanent recruitment. Most of our interns receive a job offer at the end of their internship! Informations Our commitment: Wavestone values and Positive Way Elevate client satisfaction by impacting high-growth business across US, UK, and Europe. Shape culture, enhance value propositions, and foster business development. Nurture employee growth with Wavestone horizon career path, competitive compensation, transparent salary policy, tailored training, and internal mobility. Embrace a collective mindset within a barrier-free, collaborative team. Engage in vibrant people culture through regular events, meetings, and committees. Experience ethical responsibility with flexible work options, strong CSR commitment, and a culture promoting work-life balance and time-off. Travel and Location Employees are not required to work at the Wavestone office on a full-time basis but are required to commute to the office /client site, whenever necessary. Wavestone BE office is in the heart of the city of Brussels. Note: Mandatory 2-3 days per week in Wavestone office / client site during the integration period. Diversity and Inclusion At Wavestone, we celebrate diversity and inclusion. We have a strong global CSR agenda and an active Diversity & Inclusion committee with Gender Equality, LGBTQ+, Disability Inclusion, Social Mobility and Anti-Racism networks. If you need flexibility, assistance, or an adjustment to our recruitment process due to a disability or impairment, please reach out to us to discuss this.

Company Name: Huxley
Job Title: Cyber Security analyst
Job Description: Seeking a Cyber Security Analyst for a role based in Brussels, requiring expertise in risk assessments, security requirements, and application security. The client operates in the financial infrastructure sector, focusing on security within their services and management systems. During this mission you will: Define and advise on the design, implementation, and test processes necessary to protect information system assets. Perform risk assessments and translate security architecture and high-level policies and controls into security requirements for business and IT projects. Contribute to the architectural design and validate it against the security requirements. Define security testing requirements and penetration test scope, actively support the testing teams to perform these tests, and approve the test reports. Define, implement, and ensure the proper functioning of security services in line with IT security policies. Recommend and advise on new or improved security services to division management. Produce documented security services, technical standards, or principles. Act as a security subject matter expert within a specific domain (e.g., Mainframe security, PKI, Cryptography, Network security, platform security, IAM, application security, or secure coding), being the point of contact for both business and project teams. About you: IT-security professional with 3-10+ years of experience in either infrastructure security or IT application security. Familiarity with industry best practices in key security domains such as identity and access management, PKI, network security, data protection, and application security. Knowledge of and experience with security technologies including IDAAS, Secure access management, PKI, web application firewalls, endpoint security, virtualization, cloud services, network infrastructure, and security compliance automation. Preferred professional certifications include CISSP, GIAC, SABSA, ISO 27001 LA/LI.

Company Name: Harvey Nash
Job Title: Security Engineer
Job Description: Between 2 and 3 years' experience: You monitor the security of our critical servers and systems. You monitor the alarms generated by our security systems and take action on them: you set priorities and escalate an issue when necessary. Based on your knowledge of attack techniques, you will help to find the root cause of security alarms. For this you dive into the log files of servers and systems. You will test and fine tune security alarms and incident response procedures. You will discuss within the teams what to do in case of incidents and how to prevent them in the future. you attend regular team meetings and scrums You document the context of the incident. You help colleagues who are resolving the incident with additional analyses, if necessary. You help ensure that we are working according to the right priorities. Depending on the action taken on the incident, you close it, put it on hold, have it looked at again or escalate it. Your guide here is our runbook. You also provide suggestions on what action to take. You participate in sessions on continuous improvement and help think through these questions: o What lessons can we learn from how certain incidents were handled? Can things be done differently or better next time? o What are the weaknesses in our security controls? o Can our processes be more efficient? Do we pass on information to each other in the best way? Responsibilities - You have a broad view on the IT Operating systems & middleware (Windows, Unix, Linux, databases) and networks; You have general to good knowledge of malware (types) and cyber-attack techniques (the kill chain); Other pluses - Knowledge of and experience with: security tools for detection and analysis security events ticketing systems network security, firewall, IDS, ... You monitor the security of our critical servers and systems. You monitor the alarms generated by our security systems and take action on them: you set priorities and escalate an issue when necessary. Based on your knowledge of attack techniques, you will help to find the root cause of security alarms. For this you dive into the log files of servers and systems. You will test and fine tune security alarms and incident response procedures. You will discuss within the teams what to do in case of incidents and how to prevent them in the future. you attend regular team meetings and scrums You document the context of the incident. You help colleagues who are resolving the incident with additional analyses, if necessary. You help ensure that we are working according to the right priorities. Depending on the action taken on the incident, you close it, put it on hold, have it looked at again or escalate it. Your guide here is our runbook. You also provide suggestions on what action to take. You participate in sessions on continuous improvement and help think through these questions: o What lessons can we learn from how certain incidents were handled? Can things be done differently or better next time? o What are the weaknesses in our security controls? o Can our processes be more efficient? Do we pass on information to each other in the best way? Preferred Skills You have a broad view on the IT Operating systems & middleware (Windows, Unix, Linux, databases) and networks; You have general to good knowledge of malware (types) and cyber-attack techniques (the kill chain); Other pluses - Knowledge of and experience with: security tools for detection and analysis security events ticketing systems network security, firewall, IDS, ...

Company Name: Sopra Steria
Job Title: Information Security Consultant
Job Description: Senior-Medior GRC Professional Flanders, Brussels, Belgium Full-time Company Description Sopra Steria offers tailored, end-to-end corporate technology and software solutions to help clients make bold choices and deliver results. Successfully so! With more than 56.000 colleagues in 30 countries, we rank as Europe’s leading digital solutions provider. Some of the most successful companies in Europe rely on our technology due to our commitment to innovation, collaboration, and value in business development. The world is how we shape it. Let’s shape it together. Job Description Cybersecurity is an always-on field, so you’ll stay advised of all the latest trends and compliance regulations and always be ready to conduct threat analysis, risk management, and incident response quickly and effectively. To stay on the front foot, our cybersecurity experts will be familiar with the latest security tools, implementing firewalls, and conducting vulnerability assessments. Our cybersecurity colleagues will excel in ethical hacking and penetration testing, with strong communication skills to collaborate effectively with other departments. This ensures that their assets meet security standards, maintain confidentiality, and contribute to safeguarding the systems. After all, there’s no cyber without cybersecurity. We are seeking a proactive, communicative, and experienced Cybersecurity Professional to join our dynamic and innovative team. With a strong background in Information Security Management Systems (ISMS), IT risk management, and compliance audits, you will play a crucial role in protecting our clients from evolving digital threats and supporting them with the information security risks they are facing. Our projects are diverse and challenging, across all industries and markets (private/public). Responsibilities: Design and develop secure solutions to complex application problems Collaborate with the architects on system security design Deploy and use security tools to identify and resolve issues across a wide range of systems and applications Implement hardening controls using CIS benchmark across different system components and applications to reduce the attack surface Identifying, assessing, and mitigating vulnerabilities in infrastructure components and applications Implement/Support DevSecOps processes and security engineering review of code and IT configuration Troubleshooting problems related to PKI Qualifications We’re seeking passionate colleagues who are eager to push the boundaries in digital transformation and technology consulting. At Sopra Steria, you’ll have the opportunity to grow your skills in a constructive, collaborative team environment, working on impactful projects that drive change for our clients. If you thrive on challenge and meet (most of) the qualifications below, we look forward to your application! You have knowledge and experience of the following: Extensive experience with information security management systems (ISMS) Proficiency in conducting compliance audits Strong understanding of IT risk management principles Familiarity with IT processes based on e.g. ITIL Knowledge of standards and legislations such as ISO2700x, NIS2, and Cyber Fundamentals Following certifications are a bonus: CISSP, CISA, CISM, CRIS, C or ISO27001 Lead Implementor or Lead Auditor Education: Bachelor’s or Master’s degree in Engineering, Cybersecurity, or Computer science Languages: Fluency in Dutch or French, and English Moreover, the following skills are expected: Proactive/Entrepreneurial. Someone who can take initiative and drive projects forward. Communication. Strong verbal and written communication skills. Organizational. Having excellent organizational skills to manage multiple tasks and/or projects. Stakeholder Management. The ability to effectively manage and engage with stakeholders at all levels. Reporting/Presenting. Being skilled in preparing and delivering reports and presentations. Social/Team Player. A collaborative team player with strong interpersonal skills. What we can offer you As a member of one of Europe’s largest digital solutions providers, you’ll benefit from extensive career development opportunities, both local and international. At the Sopra Steria Academy, you’ll be part of a dynamic network of 56,000 professionals at all stages of their careers. With a wide array of offices to explore, you can find your ideal location and take the next step in your career. You’ll become a part of a major Tech player in Europe recognised for its consulting, digital services, and software development. Additional Information People are the cornerstone of our success. That’s why we aspire to be bolder together. Our goal is to build high-functioning teams and healthy team environments that inspire and help each other to deliver excellence for each of our customers. Excited about this job opportunity? Ready to shape the world with us? Great! We are looking forward to your application! ______ Sopra Steria is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, ancestry, nationality, color, family or medical leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, gender (including pregnancy), sexual orientation or any other characteristic protected by applicable local laws, regulations and ordinances. We foster a work environment that is inclusive and respectful of all differences. I'm interested