CrawlJobs Logo

GRC Consultant

https://www.soprasteria.com Logo

Sopra Steria

Location Icon

Location:
Belgium, Brussels

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Sopra Steria offers tailored, end-to-end corporate technology and software solutions, helping clients deliver results with innovation and collaboration. The role involves cybersecurity expertise and a focus on governance, risk, and compliance (GRC).

Job Responsibility:

  • design and develop secure solutions to complex application problems - deliver clients projects end-to-end, interfacing across stakeholders
  • implement hardening controls using CIS benchmark across different system components and applications to reduce attack surface
  • lead risk assessments, identification, analysis, treatment, and monitoring across clients
  • perform BCPs, draft Security Plans and roadmaps, ensure third-party risk management
  • cooperate with key stakeholders such as CISO
  • implement/support DevSecOps processes and security engineering review of code and IT configuration
  • support internal and external audits including audit planning, evidence gathering, gap analysis, and remediation tracking
  • support business development and GRC team in driving NIS2 and AI security initiatives and projects
  • support presale process by drafting and leading relevant offers, RFPs, etc.

Requirements:

  • 5+ years of experience in the domain
  • extensive experience with information security management systems (ISMS), compliance audits and ensuring security-by-design
  • interest in AI security developments
  • familiarity with IT processes based on e.g. ITIL
  • knowledge of standards and legislations such as ISO2700x, NIS2, GDPR, AI and Cyber Fundamentals
  • experience working in the EU or public sector, navigating complex projects
  • fluency in English, French and/or Dutch
  • certifications such as CISSP, CISA, CISM, CRISC or ISO27001 - Lead Implementor or Lead Auditor, AI risk management (ISO42001) is desirable.

Nice to have:

  • certifications such as CISSP, CISA, CISM, CRISC or ISO27001 - Lead Implementor or Lead Auditor
  • AI risk management (ISO42001)
  • fluency in French and/or Dutch
What we offer:
  • extensive career development opportunities, both local and international
  • participation in Sopra Steria Academy
  • dynamic network of 56,000 professionals
  • wide array of offices to explore to find ideal location

Additional Information:

Job Posted:
June 25, 2025

Employment Type:
Fulltime
Work Type:
On-site work
Icon
View All Jobs In This Company
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for GRC Consultant

Junior GRC Cybersecurity Consultant

We are seeking an enthusiastic and communicative Junior GRC Cybersecurity Consul...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master/Bachelor's degree in Cybersecurity, Computer Science/IT, Business/Information Management, or related field
  • 1-2 years of experience in information security, risk management or IT
  • Basic understanding of ISMS, Risk Management, and Information Security principles
  • Familiarity with compliance standards and legislations (e.g., ISO27001, NIS2, CyberFundamentals, etc.)
  • Basic knowledge of common security tools and best-practices
  • Strong analytical and problem-solving skills
  • Excellent communication and teamwork abilities
  • Fluency in French and/or Dutch, + English
Job Responsibility
Job Responsibility
  • Assisting in the development and maintenance of cybersecurity policies, standards, processes and procedures based on frameworks like ISO 27001, CyberFundamentals, NIST, etc.
  • Joining security maturity assessments, audits and gap analyses to improve the organization's cyber resilience (e.g. with regards to NIS2)
  • Supporting risk treatment plans, including tracking mitigation actions and following up with the responsible teams
  • Contribute to third-party/vendor risk assessments by reviewing security questionnaires and analyzing risks associated with external partners
  • Assisting in the development and delivery of security awareness training sessions for employees
What we offer
What we offer
  • Extensive career development opportunities
  • Access to the Sopra Steria Academy for continuous learning, including industry-recognized certification paths
  • Opportunity to work on diverse and challenging projects in different industries
  • Collaborative team environment in a major European tech company
  • Competitive salary with an indefinite contract
  • Wide range of benefits
  • Access to Sopra Steria training and personal development academy
  • Friendly work atmosphere
  • Fulltime
Read More
Arrow Right

Medior-Senior GRC Consultant - Regulatory and Compliance focus

We ensure that all operations, digital or otherwise, meet the latest quality and...
Location
Location
Belgium , Brussels
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of experience in the Cybersecurity business landscape
  • Proficiency in Dutch and English is mandatory
  • Advanced knowledge of the 'cyber regulatory area'
  • Understanding of AI Act, DORA is a plus
  • Strong experience in performing Compliance Maturity assessments, Data Protection Impact Assessments and to apply Data protection by Design/By default and risk-based approach, perform quality legal compliance analyses and produce good quality reports
  • ISO27001 certification is a plus, experience in ITSRM, and a good understanding of compliance-oriented projects
  • Strong knowledge of PM roles and the ability to independently handle content-oriented missions
  • Client-oriented with the ability to navigate the EU and national regulatory environment, engaging with various stakeholders (regulators, EU, CISO, DPO)
  • A hands-on approach with a solution-oriented mindset, capable of effective communication within the business environment
  • Independence in client-oriented projects and adept at identifying opportunities
Job Responsibility
Job Responsibility
  • Lead regulatory compliance projects
  • Interpret complex legislation such as AI Act and DORA
  • Apply technical knowledge in cybersecurity to enhance the company’s security posture
  • Contribute to pre-sales activities
  • Draft RFPs
  • Understand the broader EU and national business landscapes
What we offer
What we offer
  • Extensive career development opportunities
  • Dynamic network of 56,000 professionals
  • Wide array of offices to explore
  • Fulltime
Read More
Arrow Right
New

Consultant - servicenow Developer

Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.randstad.com Logo
Randstad
Expiration Date
December 15, 2025
Flip Icon
Requirements
Requirements
  • Service Now
  • GRC
  • 12 years experience
Read More
Arrow Right

Lead Cyber Security Consultant

As a Lead Cyber Security Consultant at Actica Consulting, you will have the oppo...
Location
Location
United Kingdom , London; Guildford; Bristol; M4 corridor
Salary
Salary:
Not provided
actica.co.uk Logo
Actica Consulting
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience of complex ICT systems security in a technical delivery or consulting capacity in the UK Defence sector or Public Sector
  • The ability to present and justify conclusions to project teams and business stakeholders
  • Proven abilities in delivering to client expectations and requirements
  • Strong verbal and written communications skills
  • Must be eligible and willing to obtain UK Government Security Clearance
Job Responsibility
Job Responsibility
  • Leading one or more Actica teams to undertake varying consultancy assignments
  • Providing security expertise for major system procurements and Agile programmes to ensure secure delivery
  • Identifying, analysing and evaluating information risks across a range of programmes, projects and systems
  • Explaining to risk owners the causes, likelihood and potential business impacts of information risks
  • Identifying and presenting options for treating or transferring information risks
  • Authoring and/or supporting the development of security assurance documentation
  • Developing or reviewing new security architectures
  • Scoping security testing activities, and explaining the results and required remediation
  • Managing the delivery of security services by Actica teams across several live projects
  • Working with our client-side customers to manage contract delivery
What we offer
What we offer
  • 25 days of paid leave per annum plus 8 UK bank holidays
  • Discretionary, Performance-Based Bonus Scheme
  • Enrolment in Stakeholder Pension Scheme
  • Cycle To Work Scheme
  • Employee Assistance Programme
  • Electric Vehicle Leasing Scheme
  • Private Medical Insurance
  • Substantial training leading to nationally recognised certifications
  • Mentor support and guidance
  • Performance and Development Manager for regular reviews and career progression planning
  • Fulltime
Read More
Arrow Right

Cyber Security ITRM Consultant

Responsible for developing, implementing, and maintaining the organisation's IT ...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in IT Risk Management frameworks, threat modelling, and risk scenario planning
  • Strong understanding of regulatory requirements and compliance frameworks
  • Expertise in GRC platforms (ServiceNow GRC, RSA)
  • Proficiency in risk scoring methodologies and control gap analysis
  • 8-12 years experience
  • Education: B.E./ B.Tech./MCA
Job Responsibility
Job Responsibility
  • Conduct comprehensive risk assessments: identification, impact analysis, heatmap/matrix creation, inherent vs. residual risk scoring, and control gap analysis
  • Perform threat modelling and develop detailed risk scenarios for IT infrastructure, applications, and cloud environments
  • Align IT risk practices with industry frameworks and standards (ISO 27005/27001, NIST RMF, PCI DSS, DORA)
  • Evaluate and maintain IT controls and security posture, recommending enhancements where necessary
  • Support internal and external IT audit processes, ensuring timely remediation of findings
  • Work with GRC teams (ServiceNow GRC, RSA) to track and manage risk compliance workflows
  • Prepare and present risk dashboards, KRIs, and management reports to senior leadership
  • Fulltime
Read More
Arrow Right
New

Senior Information Security Consultant (QSA)

PGI is a global consultancy that helps organisations build digital resilience. W...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
pgitl.com Logo
Protection Group International
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven relationship management skills and experience in Information Assurance consultancy
  • Qualified Security Assessor (QSA) experience with valid PCI-DSS QSA accreditation with a minimum of 2 years of experience performing PCI DSS compliance consultancy
  • Familiarity with PCI DSS and NIST CSF
  • Experience in conducting risk assessments, cyber security maturity evaluations, and remediation strategies
  • Strong communication skills, able to present to clients and senior stakeholders
  • A collaborative, solutions-oriented mindset with excellent time-management skills
Job Responsibility
Job Responsibility
  • Provide expert guidance to clients, supporting both pre-sales and delivery, and establishing trusted advisor relationships to drive compliance and security improvements
  • Lead and deliver hands-on PCI DSS compliance consultancy, performing assessments, gap analyses, and remediation strategies tailored to client needs
  • Act as a subject matter expert in PCI DSS compliance and Governance, Risk, and Compliance (GRC), advising clients on regulatory compliance, risk management, and information security best practices
  • Contribute to PGI’s consultancy growth by aligning services with emerging trends and industry standards. Drive PGI’s accreditations and assist with maintaining ISO 27001, PCI DSS and data protection compliance
  • Mentor junior team members, contribute to the recruitment process, and oversee third-party relationships to ensure project profitability and delivery quality
  • Stay ahead of industry trends, emerging security threats, and best practices to maintain professional growth and continuously improve PGI’s consultancy offerings
Read More
Arrow Right

Product Security Engineer - Secure SDLC Analyst

HPE Aruba Networking is looking for a person excited to work at the intersection...
Location
Location
United States , San Juan
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in Information Security, Computer Science, or related technical field
  • A background in software security, either academic or work experience, including reverse engineering, vulnerability classes such as buffer overflows and their prevention, web application security, and/or cloud security
  • Programming knowledge of at least one programming language with the ability to look at source code and figure out what it’s doing
  • Familiarity with the purpose of tools such as IDEs, compilers, source code revision control systems, ASPM, SCA and code scanners
  • Minimum 3 years of experience working directly in software engineering or in an adjacent field with exposure to the software engineering environment
  • Experience conducting risk assessments, threat modeling, and/or compliance assessments
  • Experience supporting the integration of security practices through the software development lifecycle
Job Responsibility
Job Responsibility
  • Assist in the execution of product compliance assessments against various frameworks (e.g. NIST SSDF, NIST SP 800-218, SP 800-53, CIS Benchmarks)
  • Assist in the development and/or maintenance of GRC and SDLC tooling implementations, including scripting and automation
  • Operate as a representative of HPE Aruba in working groups, with government representatives, and with auditors
  • Provide consulting, information, and advice to product teams around implementing and improving the maturity of our SDLC
  • Document known issues and provide information to product teams in a manner which allows for easy interpretation and corrective actions to be performed
  • Monitor worldwide government standards and communicate to management and product teams when changes are made that may impact an existing control or introduce new requirements
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Product Security Engineer

HPE Aruba Networking is looking for a person excited to work at the intersection...
Location
Location
United States , San Juan
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in Information Security, Computer Science, or related technical field
  • A background in software security, either academic or work experience, including reverse engineering, vulnerability classes such as buffer overflows and their prevention, web application security, and/or cloud security
  • Programming knowledge of at least one programming language with the ability to look at source code and figure out what it’s doing
  • Familiarity with the purpose of tools such as IDEs, compilers, source code revision control systems, ASPM, SCA and code scanners
  • Minimum 3 years of experience working directly in software engineering or in an adjacent field with exposure to the software engineering environment
  • Experience conducting risk assessments, threat modeling, and/or compliance assessments
  • Experience supporting the integration of security practices through the software development lifecycle
Job Responsibility
Job Responsibility
  • Assist in the execution of product compliance assessments against various frameworks (e.g. NIST SSDF, NIST SP 800-218, SP 800-53, CIS Benchmarks)
  • Assist in the development and/or maintenance of GRC and SDLC tooling implementations, including scripting and automation
  • Operate as a representative of HPE Aruba in working groups, with government representatives, and with auditors
  • Provide consulting, information, and advice to product teams around implementing and improving the maturity of our SDLC
  • Document known issues and provide information to product teams in a manner which allows for easy interpretation and corrective actions to be performed
  • Monitor worldwide government standards and communicate to management and product teams when changes are made that may impact an existing control or introduce new requirements
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Australia Jobs Canada Jobs Poland Jobs Ireland Jobs Spain Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy