Information Security Senior Consultant for European Institutions - Deloitte


Deloitte is a world leading professional services firm, providing management consulting, accounting and auditing services, but also legal and tax advice. In Belgium we are the largest professional service provider. Our offices offer services to multi-national and large organisations, public institutions and innumerable small, fast-growing companies. Thanks to a strong regional presence and our multi-disciplinary approach, we are ideally placed to meet the requirements of a wide range of public institutions and small and large companies.


Our Risk Advisory practice (part of the Consulting and Advisory business) is a global leader in helping clients manage risk and uncertainty from the boardroom to the network. We provide a broad array of services that allow our clients around the world to better measure, manage and control risk to enhance the reliability of systems and processes throughout their organization.


In response to the rapid growth in both the sophistication and intensity of cyber threats, it has become apparent that static defensive measures, while remaining important, are no longer sufficient. A set of analytical techniques is emerging to pre-empt and counter attacks using previously unknown methods, often remaining passive within systems until activated. This has produced a market which is changing quickly as technologies mature.


Your Responsibilities


  • As an information security professional you will help our clients – European Institutions – to address the increasing set of information security challenges that are persistent at European level;
  • You will interact and work together with teams of Deloitte experts, with European officials, and with complex teams in understanding the EU-level information security risks, threat landscape, in assessing the maturity of the current security capabilities and defining a strategy to help the relevant EU stakeholders to achieve the right level of controls.
  • Manage and continually improve the processes surrounding the ISMS (Information Security Management System) in the context of European Institutions
  • Produce monthly and quarterly reports and metrics related to the ISMS
  • Maintain all ISMS policy and process documentation for our clients – European Institutions
  • Liaise with Local Information Security Officers (LISO), Project Management and Business teams from the European Institutions to ensure continued support of the ISMS and compliance to the security related processes
  • Coordinate/execute all internal and external IT audits and Information Security reviews including but not limited to reviews based on ISO27001, SOC2, ISO27017, ISO27018, ISO20000, ENISA frameworks, C3602)
  • Execute security Risk Assessment process including risk treatment management and corrective action planning

Desirable Skills 

  • You have the necessary knowledge of current best practices combined with out-of-the-box thinking to help our European Institutions clients addressing the information security challenges that are relevant at European level;
  • You obtained several years of experience in information security in a high profile environment, implying experience with international organisations and with public sector actors;
  • Prior experience in working with European Institutions, national-level cybersecurity actors, CERTs/CSIRTs is highly valuable and represents a major plus;
  • Good knowledge and understanding of the latest EU-level and international level cyber security developments, actors and trends is mandatory;
  • A good understanding of the key cyber security policy and regulatory elements applicable at European level or at the level of EU Member States is expected;
  • You have strong formal communication, reporting and synthesis skills;
  • You display a strong interest in the policy, technical and organizational aspects of cyber security and have specific knowledge and competencies in security standards (such as ISO 27001, NIST, etc.);
  • Information security or other relevant technical certifications are a plus;
  • Your approach is result-oriented and can work autonomously, deliver very high quality research outcome and can handle multiple projects simultaneously;
  • You have fluent language skills (English is mandatory) and preferably also Dutch or French) and you are a real team player.


Our Offer


  • The opportunity to join the global leader in Cyber Risk Services;
  • A challenging, innovating environment with a good team spirit where personal development and growth are encouraged;
  • A people focused culture of continuous learning and coaching;
  • An attractive and competitive salary package with fringe benefits;
  • Real career opportunities.