As the Risk Expert at YPTO, you will be responsible for overseeing the organization's risk management process, providing guidance to the Risk team, and ensuring continuous improvement. Additionally, you will act as an authority in developing, implementing, and maintaining the risk management framework in alignment with academic theories, industry standards, and legal requirements. Your role will also involve promoting cybersecurity awareness and best practices within the organization.


Develop the Risk Management Process :

  • Develop a repeatable and quantitative risk management process based on academic theories, industry standards, and models.
  • Identify improvements to enhance the efficiency and consistency of the Risk Management Process through tooling.
  • Ensure prioritization and quality assurance of tasks within the Risk team.
  • Provide coaching and guidance to the Risk team as needed.
  • Assist in the selection of new team members with the requisite qualifications and skills.

Improve and Maintain the Risk Management Process :

  • Enhance and maintain the Risk team's capabilities and services.
  • Align the Risk Management Process with other YPTO Risk Management Programs.
  • Manage all aspects of the lifecycle management of capabilities and services, including designing, implementing KPIs/KRIs, documenting procedures, identifying and addressing operational and quality risks, and monitoring external suppliers.
  • Report to internal stakeholders on KPIs, planning, capacity, and quality.

Knowledge Transfer :

  • Collaborate with other leads of the GRC Team to enable synergies.
  • Assist colleagues within the CISO office and Ypto in understanding information security and risk management.
  • Mentor junior Risk security officers to facilitate their professional development.

Requirements

  • 10 years of relevant experience in information security management.
  • Certifications such as CISSP, CISA, CISM, ISO27001 lead implementer or auditor, CRISC are considered advantageous.
  • Master's degree or higher, preferably with a background in statistics and econometrics.
  • Proficiency in Dutch or/and French (C2) and English (C1).
  • Expert knowledge of cybersecurity and privacy standards, frameworks, policies, regulations, and best practices.
  • Proven track record of implementing Risk management programs for large organizations.
  • Experience with Risk tooling (e.g., B-wise, ServiceNow GRC, OneTrust) is a plus.
  • Strong network and active participation within the Risk Community is preferred.


Our offer

Within our open corporate culture, you contribute to the digital transformation of SNCB. You will have a job with social impact and ample opportunity to make your own contribution. In addition to a good work-life balance and a competitive salary, you will receive the following benefits:

  • the possibility to work remotely + flexible working hours;
  • 35 days of leave;
  • a company car + a public transport season ticket;
  • a target bonus;
  • a comprehensive insurance package (affiliation without own contribution, excl. outpatient costs for family members);
    • hospitalisation and dental care for the whole family;
    • outpatient costs (= medical costs separate from hospitalisation);
    • group insurance: supplementary pension, work disability and death (cafeteria plan);
    • accidents at work (extralegal);
  • meal vouchers and eco-vouchers;
  • net allowances for remote working and carwash + internet budget.
Apply for this job
Apply for this job
Location icon

Near Brussels Midi Station

Department icon

IT Security

Contract type icon

fulltime_permanent

Share this vacancy

FacebookWhatsAppEmailLinkedIn

3 reasons to choose Ypto 

Icoon uitdagingen: bergtop

Challenging projects

At Ypto, you never stand still. Every day is different and offers the opportunity to be challenged to innovate in order to find the best solution for our customer.

Maatschappelijke impact icoon

Social impact

Through your work, you contribute to the future of Belgian railways and have a tangible impact on millions of people.

Doorgroeimogelijkheden icoon

Growth opportunities

Initiative, trust and self-management are key. You will have the support of your colleagues to develop and the opportunity to grow.

Application procedure

Did you apply for a position at Ypto? Or are you curious about how our application procedure works? We follow the four steps below each time. Depending on the position, an additional interview or assessment may be required.

1

CV screening

We take a close look at your CV and check whether it matches the profile you are looking for. We may call you briefly to ask about your motivation and experience.

2

Interviews and questionnaire

If the outcome of this screening is positive, you are invited to a (video) interview with your direct supervisor and your HR Business Partner. During these interviews, we discuss your motivation, knowledge, experience and skills as well as the content of the job. We also talk about the online questionnaire you filled in prior to the interview.

3

Reference analysis

Finally, we contact the references you will have provided. This way, we can make you out better.

4

We have a match: welcome to Ypto

Have you been selected? If so, we will be happy to draw up an attractive proposal and welcome you to our organisation.

Spontaneous application

Would you like to work with us on the future of SNCB but cannot immediately find the right vacancy? Then feel free to submit a spontaneous application. Who knows, you might soon be part of our team!