Gentis

Third-Party Risk Manager – NIS2 Compliance

13/08/2025
Fixed term · Belgium · Hybrid
Job description

Position Overview: The Third-Party Risk Manager is responsible for overseeing and mitigating information security risks related to external suppliers, service providers, and business partners. The primary objective is to ensure strict compliance with the NIS2 Directive and international standards such as ISO 27001, safeguarding the organisation from risks introduced by third parties.

  • Develop governance structures and processes for third-party risk management, ensuring integration with overall compliance frameworks.
  • Evaluate and classify suppliers based on criticality and risk profile, using established methods aligned with NIS2 requirements.
  • Conduct due diligence and risk assessments for external partners, with a focus on regulatory compliance and risk mitigation.
  • Collaborate closely with internal stakeholders including CISO, procurement, IT, and legal teams, to embed robust security clauses and processes throughout the supplier lifecycle.
  • Monitor ongoing compliance through the implementation of KPIs, SLAs, audits, and data-driven reporting dashboards.
  • Manage incident reporting and escalation with third-party suppliers in accordance with NIS2 Directive timelines and best practices.
  • Organise awareness and training sessions for suppliers, focusing on supply chain security and adherence to NIS2 requirements.
  • Act as the central point of contact for all matters relating to third-party information security risk management and NIS2 implementation.

Requirements:

  • Demonstrable background in information security, cybersecurity, or risk management roles.
  • Thorough knowledge of the NIS2 Directive and/or international standards such as ISO 27001.
  • Proven experience managing suppliers, conducting audits, and defining security clauses in contractual agreements.
  • Advanced skills in communication, reporting, and stakeholder engagement.
  • Fluency in Dutch or French and professional proficiency in English are essential for this role.

Profile description

We are looking for candidates who excel in navigating complex compliance environments and have a keen understanding of the evolving regulatory landscape, particularly with regard to information security and supply chain risk. The ideal person is solution-oriented, demonstrating exceptional analytical abilities and a rigorous attention to detail when assessing third-party risks and ensuring robust governance.

  • Proven expertise in information security, cybersecurity, or risk management, with a demonstrable track record of implementing best practices and frameworks.
  • Strong grasp of the NIS2 Directive as well as standards such as ISO 27001, particularly in the context of supplier management and compliance audits.
  • Skilled communicator who collaborates seamlessly with internal teams (such as IT, procurement, legal, and executive leadership) and external partners to drive a shared commitment to security.
  • Experience integrating security requirements into contracts, performing due diligence, and establishing effective reporting mechanisms and Key Performance Indicators (KPIs).
  • Natural leader and facilitator with the confidence to act as the central point of contact for all matters related to third-party security and NIS2 alignment, fostering awareness through tailored training and stakeholder engagement.
  • Insightful evaluator who applies a structured and pragmatic approach to risk assessment, supplier classification, and oversight of contractual compliance, incident reporting, and audit processes.
  • Resourceful and proactive mindset, always seeking to anticipate emerging risks and act decisively to uphold the organisation’s security posture.
  • Language proficiency in Dutch or French (fluent), with professional-level English communication skills ensuring effective interaction in a multilingual environment.

Those who thrive in this role are diplomatic yet assertive, comfortable making informed judgments, and capable of translating complex regulatory requirements into actionable strategies across the organisation and its third-party ecosystem.

Workplace
We are looking to fill 1 position.

Similar opportunities

Compliance & Regulatory Affairs
09/08/2025

Information Security Associate Manager (ISM)

Reporting line:

  • Line manager: Risk & Compliance Manager
  • Functional manager: Chief Information Security Officer (CISO)

Location: Casablanca

Scope of the role: The Information Security Associate Manager is the operational lead and process owner for activities relating to protecting the confidentiality and integrity of the company's critical data (customers, employees, partners). They ensure that local practices comply with the security strategies defined by the HQ CISO, in order to meet the organisation's objectives and standards.

Main responsibilities:

Governance & Policies

  • Define, implement and maintain local information security policies and procedures.
  • Ensure alignment with the global strategies defined by the HQ CISO.
  • Identify, assess and manage security risks, carry out internal audits and propose remediation plans.

Awareness & Training

  • Develop and deliver security awareness programmes for employees, partners and service providers.
  • Train new joiners in security best practices and internal policies.

Monitoring & Advice

  • Act as an internal security consultant for the company's projects and systems.
  • Review and validate the security plans implemented in the organisation's systems and networks.
  • Liaise with IT teams to ensure compliance and escalate unresolved incidents.

Control & Compliance

  • Regularly monitor and test security controls to guarantee data accessibility and integrity.
  • Maintain and oversee the Information Security Management System (ISMS) to achieve and retain the ISO 27001 and WLA-SCS certifications.
  • Ensure the Business Continuity Management System (BCMS) is maintained.

Crisis Management & Continuity

  • Take part in managing major incidents and in disaster recovery plans.
  • Coordinate continuity and data recovery activities in the event of a crisis.

Key technical skills:

  • Security governance (ISO 27001, ISMS, BCMS)
  • Risk assessment and management
  • Business continuity and disaster recovery planning (BCP / DRP)
  • Security awareness and training
  • Regulatory compliance and internal audit
  • Monitoring of trends and technological developments in cybersecurity

Permanent · Morocco · Hybrid

Compliance & Regulatory Affairs
04/08/2025

Consultant - Head of Compliance Department

Head of Compliance Department – Interim Management, based in Paris, responsible for steering the compliance strategy within a demanding regulatory environment. The role involves supervising dedicated compliance teams as well as managing transition and organisational transformation projects.

  • Develop and update internal compliance policies to ensure that legal and regulatory obligations are met.
  • Ensure proactive risk management by deploying methodologies for assessing, controlling and monitoring compliance-related risks.
  • Strengthen governance and ensure that procedures are aligned with national and international normative requirements.
  • Lead organisational change assignments in an interim management context, supporting teams in adopting new practices.
  • Manage relationships with internal and external stakeholders (governing bodies, supervision, regulatory authorities) to ensure adherence to compliance standards.
  • Follow up on audits, process documentation and the coordination of corrective action plans.

Intervention in complex situations requiring in-depth regulatory expertise, strong leadership ability, and solid experience of governance and organisational transformation in the compliance sector.

Fixed term · France · Hybrid

Compliance & Regulatory Affairs
18/07/2025

VP Compliance – Financial Crime & Regulatory (UAE National)

Role Overview: As the VP Compliance – Financial Crime & Regulatory, you will lead compliance operations for a digital-first bank, focusing on both Financial Crime Compliance and Regulatory Compliance. Reporting directly to the CCO, you will ensure the bank’s activities meet stringent regulatory and anti-financial crime obligations within the UAE’s evolving digital banking landscape.

  • Corporate Governance: Oversee all compliance functions to ensure alignment with UAE laws and global best practices for digital banking.
  • Financial Crime Compliance: Drive anti-money laundering and counter-terrorism financing initiatives, including risk assessments, KYC processes, and ongoing customer due diligence.
  • Regulatory Engagement: Interface regularly with UAE regulators to maintain open channels of communication, clarify expectations, and manage audits or inspections.
  • Policy Development: Develop, implement, and update compliance frameworks, policies, and controls to reflect regulatory changes and business growth.
  • Monitoring & Reporting: Oversee monitoring programs to identify, investigate, and report suspicious activity internally and to relevant authorities.
  • Team Leadership: Build, develop, and lead teams to execute compliance programs, fostering coordination and ensuring high standards of ethics and integrity throughout the bank.
  • Stakeholder Management: Collaborate with internal departments and management to embed compliance into business operations and digital products.

Requirements include deep expertise in anti-money laundering (AML) practices, KYC, and broad regulatory compliance within banking or fintech. Familiarity with UAE digital banking regulatory expectations, fluency in English, and strong policy development skills are essential. Arabic proficiency is beneficial.

Permanent · United Arab Emirates · Hybrid

Finance
07/07/2025

Risk Officer

Risk Officer – Internal Controls & Risk Assessment

This position is responsible for evaluating and enhancing the organization’s internal control environment, with a focus on identifying control weaknesses and recommending improvements. The role includes:

  • Assessing internal control systems through regular reviews and evaluations of control procedures, processes, and policies to confirm their effectiveness in meeting organizational objectives and mitigating risk.
  • Performing control testing to verify that controls are functioning as intended, using walkthroughs, periodic internal verifications, and compliance reviews to ensure adherence and desired outcomes.
  • Monitoring incidents and deficiencies by tracking issues in the control environment, collaborating with process owners to implement corrective actions, and ensuring timely resolution.
  • Recommending enhancements to remediate control deficiencies and strengthen internal controls, working jointly with management and process owners to deploy and monitor these improvements.
  • Developing and documenting internal control policies, procedures, and guidelines, ensuring clarity, effective communication, and alignment with best practices and industry standards.
  • Risk Identification and Assessment: Identifying organizational risks and vulnerabilities, conducting risk assessments to evaluate impact and likelihood, and determining if current controls are sufficient to mitigate these risks.
  • Collaborating with stakeholders across departments to prioritize risks and develop tailored risk management strategies.
  • Facilitating information flow related to controls, ensuring awareness and compliance across the organization.

Proficiency in English, French, and Dutch is highly valued in this role.

Permanent · Belgium · On site
