Job description
Medior Security Consultant - Long-Term Project in Brussels - Freelance
Location: Brussels, Belgium Hybrid
Start Date: Preferably September 2025
Language Requirement: Dutch – CEFR level C2
Contract Type: Freelance – Long-term
EU Citizenship Required
Project Overview
We are seeking a Dutch-speaking Security Consultant (Medior level) for a long-term public sector project in Brussels. You’ll work in close collaboration with internal stakeholders to support the implementation of security measures aligned with the latest legislation and cybersecurity frameworks. The role focuses on regulatory compliance, supplier security, data classification, and awareness initiatives.
Key Responsibilities
Regulatory Compliance (NIS2 / CyFun)
-
Assist in implementing and maintaining security policies in line with national and EU cybersecurity regulations.
-
Conduct risk assessments and advise on mitigation strategies.
-
Monitor compliance and report findings to key stakeholders.
-
Stay up to date with cybersecurity trends and apply best practices internally.
Supplier Risk Management
-
Develop frameworks to assess and manage third-party information security risks.
-
Consolidate and report on findings from supplier evaluations.
-
Assess security clauses in supplier contracts.
Information Classification
-
Support the implementation of an information classification framework.
-
Assist departments in identifying and registering information assets.
-
Provide training to enable staff to classify data appropriately.
-
Establish integrated reporting on IT security risks.
Security Awareness & Training
-
Plan and run internal awareness campaigns.
-
Deliver training sessions and workshops.
-
Ensure security becomes part of the day-to-day organisational culture.
-
Evaluate the effectiveness of awareness efforts and recommend improvements.
Requirements
Must-Have:
-
At least 3 years of experience as a Security Consultant (data, infra, or application security).
-
Strong understanding of NIS2 legislation and information security governance.
-
Experience with analysing, documenting, and improving security processes.
-
Solid communication skills and ability to work in project teams.
-
Fluency in Dutch (C2) – both written and spoken.
-
Familiarity with industry frameworks such as ISO 27000, NIST, COBIT, CIS Controls, OWASP.
Nice-to-Have:
-
Experience implementing information classification frameworks in large or public sector organisations.
-
Experience working in government or large enterprise environments.
-
Relevant certifications (e.g. CISSP, CISM, CEH).