Gentis
Gentis
Home

JobsMissionsMediaUse cases
Je kunt ons altijd bereiken via
hello@gentis.com

Onze laatste vacatures

Vind uw droombaan!

ICT Security Risk Officer – Banking Compliance

20/06/2025
PermanentLuxembourgOn site
Kopiëren naar klembord
Functieomschrijving

Job Summary

The ICT & Security Risk Officer will play a key role in supporting the organization’s cybersecurity and information security risk management framework. This dual-role position is responsible for assisting in the implementation of security policies, monitoring IT risks, and ensuring compliance with industry standards and best practices. The successful candidate will work closely with IT, Risk, Compliance departments, and business units to safeguard digital assets and minimize cybersecurity threats.

Key Responsibilities

 

Information Security Responsibilities:

Assist in the development and enforcement of security policies, procedures, and guidelines.

Monitor and analyze security alerts, incidents, and vulnerabilities, and provide recommendations for mitigation.

Support the management of security awareness programs and training for employees.

Participate in security assessments, penetration testing, and vulnerability scans.

Assist in reviewing and implementing access control measures to protect sensitive data.

Contribute to incident response planning and support investigations when necessary.

Stay updated with emerging threats, vulnerabilities, and security trends.


ICT Risk Responsibilities:

Assist in identifying, assessing, and mitigating IT and cybersecurity risks.

Support the execution of ICT risk assessments and audits.

Maintain risk registers and track remediation actions to reduce exposure to threats.

Contribute to business continuity and disaster recovery planning and testing.

Ensure compliance with regulatory and industry standards such as ISO 27001, NIST, GDPR, DORA and other relevant frameworks (CSSF and others).

Work with internal teams to implement risk management strategies and controls.

Prepare reports and presentations on security and risk findings for management.

Profielbeschrijving

Qualifications & Experience:

2-5 years of experience in information security, risk management, or IT governance.

Good knowledge of security frameworks such as ISO 27001, ISO 27005, NIST CSF, and ISACA.

Familiarity with risk management methodologies and security controls.

Familiarity with financial industry and its regulations (CSSF).

Knowledge of DORA (Digital Operational Resilience Act).

Good understanding of networking, infrastructure security, and data protection concepts.

Experience with security tools such as SIEM, IDS/IPS, and vulnerability scanners is a plus.

Scripting, Automation skills and Industry certifications such as CompTIA Security+, CRISC, or ISO 27001 and others foundation are an advantage.

Kopiëren naar klembord

Vergelijkbare banen

ICT
08/07/2025

Développeur Backend Laravel Sénior

En tant que Développeur Backend Laravel Sénior, le poste implique d’être pleinement investi dans la conception, l’implémentation et l’optimisation de la plateforme applicative. Tu t’attacheras à développer de nouvelles fonctionnalités, tout en perfectionnant celles déjà existantes pour garantir une performance optimale.Participer activement au cycle de développement, du découpage du backlog jusqu’aux mises en production en mode sprint.Coder des modules complexes en reliant les problématiques métiers et l’architecture technique.Maintenir et améliorer la qualité du code, et appliquer rigoureusement des tests unitaires et fonctionnels avec PHPUnit.Diffuser et formaliser les bonnes pratiques de développement au sein de l’équipe technique.Interfacer et sécuriser les échanges d’informations à l’aide d’API REST et d’authentification OAuth2.Utiliser la stack technique composée de Laravel/PHP, MySQL, Docker, GitLab CI/CD, Jira et AWS, avec une expertise attendue sur le développement de packages Composer, le stockage de données (ElasticSearch) et l’architecture event sourcing.Collaborer dans un environnement d’intégration et de livraison continue (CI/CD) et sur des problématiques DevOps liées à l’infrastructure cloud et au déploiement.Contribuer à l’évolution technique de l’équipe, tout en participant au maintien d’un environnement de travail convivial et innovant.

Fixed termBelgiumOn site
ICT
07/07/2025

Medior Full-Stack Developer & Tech Lead (NextJS, Supabase, TypeScript)

Functieomschrijving:Bijdragen aan de ontwikkeling van een moderne NextJS-toepassing die gebruikmaakt van Supabase, Deno en TypeScript, met een focus op zowel frontend- als backendwerkzaamheden.Geleidelijk het technisch leiderschap overnemen en de richting bepalen van het project, inclusief het maken van beslissingen over architectuur en technologieën.Verantwoordelijkheid nemen voor de full-stack ontwikkeling, waaronder het ontwerpen, implementeren en onderhouden van microservices en het opzetten van databasemodellen (bij voorkeur PostgreSQL).Binnen een team in Gent (Zwijnaarde) werken, waarvan drie tot vijf dagen per week op kantoor, in nauwe samenwerking met collega’s.Actief communiceren over technische keuzes, vooruitgang en de visie voor het project, zowel in het Nederlands als het Engels.Verantwoordelijkheden:Nieuwe functionaliteiten uitdenken en ontwikkelen voor het platform.Architecturale beslissingen nemen met betrekking tot microservices en schaalbaarheid.Onderhouden en verbeteren van bestaande codebase met TypeScript en JavaScript.Beheren van client-server communicatie en (optioneel) bijdragen aan productmanagementtaken.Zorg dragen voor actuele kennis van recente technische ontwikkelingen.Wij bieden:Een jong, dynamisch team.Flexibiliteit in werktijden en zelfstandigheid in het uitvoeren van taken.Beschikking over een bedrijfs-laptop (MacBook).

Fixed termBelgiumOn site
ICT
07/07/2025

Expert(e) Analyse de Risques Cybersécurité (Mission)

RESA recherche un(e) Expert(e) Analyse de Risques de Cybersécurité pour accompagner la mise en conformité aux directives NIS 2 et Cyber Resilience Act (CRA).Mission d’une durée initiale de 5 mois et demi, renouvelable. Travail partiellement possible en télétravail après une période d’adaptation, avec une présence requise sur le site de Liège au moins 4 jours/semaine.Réalisation et revue d’analyses de risque cybersécurité en conformité avec NIS 2 et CRA, en s’appuyant sur une solide expertise technique.Identification des vulnérabilités techniques, incohérences d’architecture, points de défaillance uniques, faiblesses de redondance et des dispositifs de secours.Analyse des impacts techniques et organisationnels sur les métiers, la continuité d’activité (BCM) et la sécurité de l’information.Formulation de recommandations concrètes visant à renforcer la sécurité, la résilience et le respect des cadres réglementaires applicables.Appui technique transversal pour relier exigences métiers, architectures informatiques, et enjeux de résilience, en binôme avec un spécialiste gouvernance et métier.Les activités quotidiennes comprennent l’évaluation et la gestion des vulnérabilités, la gestion de la sécurité des endpoints, ainsi qu’une participation active aux échanges en français et en anglais pour garantir la robustesse des analyses et des livrables en contexte international.

Fixed termBelgiumHybrid
Finance
07/07/2025

Risk Officer

Risk Officer – Internal Controls & Risk AssessmentThis position is responsible for evaluating and enhancing the organization’s internal control environment, with a focus on identifying control weaknesses and recommending improvements. The role includes:Assessing internal control systems through regular reviews and evaluations of control procedures, processes, and policies to confirm their effectiveness in meeting organizational objectives and mitigating risk.Performing control testing to verify that controls are functioning as intended, using walkthroughs, periodic internal verifications, and compliance reviews to ensure adherence and desired outcomes.Monitoring incidents and deficiencies by tracking issues in the control environment, collaborating with process owners to implement corrective actions, and ensuring timely resolution.Recommending enhancements to remediate control deficiencies and strengthen internal controls, working jointly with management and process owners to deploy and monitor these improvements.Developing and documenting internal control policies, procedures, and guidelines, ensuring clarity, effective communication, and alignment with best practices and industry standards.Risk Identification and Assessment: Identifying organizational risks and vulnerabilities, conducting risk assessments to evaluate impact and likelihood, and determining if current controls are sufficient to mitigate these risks.Collaborating with stakeholders across departments to prioritize risks and develop tailored risk management strategies.Facilitating information flow related to controls, ensuring awareness and compliance across the organization.Proficiency in English, French, and Dutch is highly valued in this role.

PermanentBelgiumOn site
ICT
07/07/2025

Security Architect – DevSecOps & SSDLC

Position Overview: The Security Architect – DevSecOps & SSDLC plays a critical role in ensuring that security is seamlessly integrated at every stage of the software development lifecycle, from initial design through deployment and ongoing management. This role directly supports a large-scale initiative to enhance data exchange standards and develop a centralized system within a liberalized energy market.Embed Security by Design and Security by Default: Proactively integrate robust security principles and controls from the outset of software design and throughout feature development.Champion Security Across CI/CD: Ensure that security remains a continual focus across the entire CI/CD pipeline as well as the broader software development lifecycle, applying best practices and innovative solutions.Support Compliance and Cyber Resilience: Oversee and maintain compliance with regulatory and industry standards, while ensuring the project’s resilience to cyber risks and threats.Contribute to Strategic Initiatives: Participate in and provide security expertise to initiatives aimed at improving data exchange and creating scalable solutions for the evolving energy sector.Technical Expertise: Apply advanced knowledge in DevSecOps, Secure Software Development Lifecycle (SSDLC), and tools integration—particularly within Azure DevOps and, where relevant, other platforms such as CircleCI, integration or endpoint security solutions.Security Testing and Evaluation: Lead and execute security assessments and integration testing, applying automated tooling to monitor and enhance the security posture of platforms supporting development teams.Advise on Identity & Access Management: Take ownership of identity and access management security aspects for systems, supporting secure architecture decisions and implementations.Required Linguistic Skills: Advanced written and spoken proficiency in English and either French or Dutch; strong knowledge of the second national language is highly desirable.Education: Bachelor’s or Master’s degree preferred.

Fixed termBelgiumHybrid

De perfecte match is nog maar één stap hiervandaan.

Stuur ons direct uw CV en wij brengen u in contact met een van onze gespecialiseerde recruiter die u zal begeleiden in de zoektocht naar uw droombaan!

Telefoonnummer
Phone
Kandidaten

Referenties

Sluit aan bij onze community van professionals en ontdek je potentieel om een verschil te maken in de wereld.

Blijf op de hoogte van het laatste nieuws.