Your missions
Great assignments await you with our key account clients in rich and varied environments
We are looking for an experienced Cybersecurity GRC Manager to support our client in strengthening its information security governance, risk management and compliance approach.
The consultant will join the cybersecurity team and work closely with the CISO, internal teams, external partners and business stakeholders. The mission focuses on ISO 27001:2022, NIS2 compliance, risk management, audit preparation and the continuous improvement of the Information Security Management System.
This role is ideal for a pragmatic GRC professional who combines strong documentation skills, security governance expertise and the ability to work in a multi-stakeholder environment.
The Cybersecurity GRC Manager will contribute to the operational implementation of governance, risk and compliance activities.
Main responsibilities include:
Drafting and maintaining ISMS documentation, including security policies, operational procedures and risk treatment plans.
Supporting ISO 27001 certification activities, from gap analysis to audit preparation.
Preparing internal and external audits and following up on non-conformities.
Supporting NIS2 compliance initiatives for essential and important entities.
Maintaining risk registers, control follow-up and action plans.
Using and administering a GRC tool such as CISO Assistant, OneTrust, ServiceNow GRC, Archer or equivalent.
Facilitating workshops with IT, business and security stakeholders.
Translating regulatory and security requirements into practical, actionable controls.
Producing clear reports and dashboards for management and governance bodies.
Supporting the CISO in structuring security governance across multiple stakeholders.
You have the following skills
Required skills:
3 to 5+ years of experience in GRC, information security compliance or IT risk management.
Strong knowledge of ISO 27001:2022, including ISMS lifecycle, Annex A controls and audit requirements.
Experience with NIS2 compliance or regulatory security frameworks.
Experience in risk analysis methodologies such as ISO 27005, EBIOS RM or equivalent.
Ability to draft high-quality documentation in French: policies, procedures, risk treatment plans, audit reports.
Understanding of GDPR and its connection with information security governance.
Experience preparing or supporting ISO 27001 certification is highly valued.
Experience with GRC tools such as CISO Assistant, OneTrust, ServiceNow GRC or Archer is a plus.
Good understanding of IT infrastructure and cybersecurity concepts.
Strong communication skills with technical teams, management and business stakeholders.
Ability to work autonomously and drive concrete deliverables.
Nice-to-have:
ISO 27001 Lead Implementer or Lead Auditor certification.
Experience in MSP, consulting or multi-client environments.
Experience in regulated sectors such as public sector, energy, water, healthcare, finance or critical infrastructure.
Knowledge of CIS Controls, IEC 62443, ANSSI guidelines or OT/IT environments.
Technical English.
Practical information:
Mission duration: approximately 200 days.
Hybrid working model.
Regular on-site presence required in Wallonia.
Your profile
You have at least 3 years of professional experience in IT
You are at least fluent in FR; EN is a plus
You’re eager to learn, motivated and curious
Let’s have a chat!
Advantages
Hospitalization insurance (partner/children incl.)
Group insurance
Dental insurance (partner/children included)
20 days of statutory paid vacation (legal vacation accrued over 1 year of work)
11 days of recovery time per year for working 38/40 (= annual average: 1 day per 20 days worked) if the client asks you to work 8h/day
Representation fee net per month.
Internet fee of € 40 per month.
Company car with national fuel card OR Public transport reimbursed OR mobility package.
Daily fee of 5.50€ net/day provided.
GSM subscription with unlimited calls for Belgium (ITS subscription)
Training plan (e-learning, certification at ITS's expense)
Extra advantages:
Being a rather small team in BE (6 in back-office), we’re very close to each of our consultants, and we differentiate ourselves by really trying to take care of you and help you grow with us and within our different clients.
Regular follow-up (every 3 to 6 months depending on your needs/wishes)
Regular teambuilding to meet-up and have fun (every 3 months more or less)
Flexibility and trust
Benefits of still being part of a bigger group (ITS Group) and having access to the resources of a larger team of experts
Co-optation system because sharing is caring!
Recruitment process
1st pre-screening on the phone to discuss your search and conditions and our first potentially matching opportunities.
Job descriptions sent and Teams meeting fixed with us (HR and Sales) to dig into your experience and the role.
Package proposal so we all agree beforehand.
Your CV is sent to the different clients you’ve agreed to, to find the best mission for you!
Online since 16.06.2026
Charleroi
Permanent contract (CDI)
Entity: ITS Group Benelux
English
French
Managerial role: No
Mobility: No
Work mode: On-site
Salary: In line with experience.
Ref. SA0383
For more than 25 years, ITS Group has been a French ESN specializing in digital transformation, employing around 1,400 employees across 8 agencies in France and 1 in Belgium.
Our expertise: IT infrastructure & operations, cloud & managed services, mobility, workstations & networks, strategy, consulting & AMO, cybersecurity, development of business applications.
ITS Group places its CSR commitment at the heart of its concerns by developing sustainable and responsible digital technology and by promoting the professional and personal development of its employees.
Find out more: www.itsgroup.com