GRC Information Security Consultant


Your role

We are looking for a GRC Information Security Consultant to join our GRC department. You will take part in stimulating consulting and project assignments under the supervision of our Lead consultants and Practice Leader.

Your missions will consist of:

  • Being an integral part of our Governance, Risk and Compliance solutions
  • Representing APPROACH and delivering high standard quality deliverables
  • Bringing high-value solutions to customers in the area of GRC (Business Continuity and Information Security and Risk Mgt, Data Privacy)
  • Delivering GRC solutions in various steps of the engagement's lifecycles (perform security and risk assessments, contribute or manage security projects, deliver GRC solutions as a service).
  • Providing CISO or assistant-CISO services to our customers (i.e. provide strategic and technical advise, organise the information security related activities, support customers to manage security incident(s)
  • Providing Data Protection Management and/or DPO service to our customers (i.e. conduct awareness sessions, DPIAs, compliance assessments, support in Data Subject Access Request or Data Breach)
  • Actively participating in the development of a GRC solution offering including improving GRC assets and writing of resources
  • Sharing knowledge and actively contributing to GRC team meetings
  • Bringing a positive and “can-do” attitude and energy to the team


Your profile

You have:

    More than 3 Years of professional (in the field) experience, including demonstrable experience in Information/IT/OT SecurityUniversity Degree Qualified or equivalent work experienceAbility to speak, write and understand English and DutchUnderstanding of ISO 27000 standards, Data Protection, and Risk managementStrong understanding of regulatory frameworks such as GDPR, NIS, eIDAS, ... Ability to define the global information security strategy, the scope and contextGood understanding of Information Risk Management, including Third party risk managementAbility to write policies, processes, guidelines, and proceduresGood understanding of IT and Cloud servicesContributed to the implementation or operation of ISMSExposure or management of security audit, security incident, and crisis managementEstablish and coordinate business continuity managementPerform training and awareness activitiesManage small to medium size projects preferably in ICT and information securityExposure toward middle to senior managementExcellent communication and presentation (oral and written) Uncompromised integrity: respect for the confidentiality of both client and company information


Considered as a plus:

  • ISO 27001 Lead Implementer or lead auditor
  • ISO 27005, EBIOS
  • CCSK



Don’t wait and send us your application to This email address is being protected from spambots. You need JavaScript enabled to view it.


Add files