Fieldside
For a client, we are looking for a GRC officer
GRC Officer (Governance, Risk & Compliance) – ISO 27001 Implementation
Start date: As soon as possible (ideally onboarding can begin in late 2025; must start by early 2026)
End date: End of 2026 (initial contract for all of next year, with possible extension into business as usual)
Context
Role within Cybersecurity, Governance, Risk, and Compliance team
Main objective: Achieve ISO 27001 certification for the client's Belgian entities, in line with NIS2 directive
Team size: ~8 (risk management, governance/compliance, metrics/KPIs, program manager)
The GRC Officer will join the governance and compliance sub-team
Focus on ISMS (Information Security Management System) processes and documentation (ISO 27001 & 27002)
Support exception management and GRC tool operations
Typical Day
Create and maintain ISMS documentation based on ISO 27001:2022
Execute and follow up on ISMS activities (PDCA cycle)
Support compliance and exceptions management processes
Assist with GRC tool management (organizational and change management, not coding)
Guide stakeholders through processes, provide operational support, and interact with various teams
Prepare documentation, monitor objectives, follow up with stakeholders, and manage registers (risk, controls, exceptions)
Years of Experience
Minimum 3 years’ experience with ISO 27001 implementation and related activities
Target profile: 3–8 years of relevant experience
Must Have
Proven experience with ISO 27001/27002 implementation
Independent in ISO knowledge and processes (minimal day-to-day coaching required)
Strong organizational skills
Tech-savvy (comfortable with Excel and other tools)
Excellent communication and stakeholder management skills
Fluent in English (documentation, meetings, and tools are in English)
Ideal Candidate
ISO 27001:2022 Lead Implementer certification
Familiarity with operating model and stakeholders
Experience in large corporate/global environments
Nice to Have
Experience with GXP/quality systems (pharma context)
French or Dutch language skills (not required, but useful for some stakeholders)
Language Requirements
English: mandatory
French/Dutch: optional plus
Homeworking Policy
Hybrid model: typically 2 days on-site per week (flexible, not strictly fixed)
Homeworking is possible
Full Time?
Yes, full-time (5 days/week)
Interview Process
One round of interviews (usually sufficient to assess ISO knowledge)
Conducted via Teams (remote)
Interview with the manager; supplier may attend but not participate