Gentis
Gentis
Home

JobsMissionsMediaUse cases
Je kunt ons altijd bereiken via
hello@gentis.com

Onze laatste vacatures

Vind uw droombaan!

Third-Party Risk Manager – NIS2 Compliance

13/08/2025
Fixed termBelgiumHybrid
Kopiëren naar klembord
Functieomschrijving

Position Overview: The Third-Party Risk Manager is responsible for overseeing and mitigating information security risks related to external suppliers, service providers, and business partners. The primary objective is to ensure strict compliance with the NIS2 Directive and international standards such as ISO 27001, safeguarding the organisation from risks introduced by third parties.

  • Develop governance structures and processes for third-party risk management, ensuring integration with overall compliance frameworks.
  • Evaluate and classify suppliers based on criticality and risk profile, using established methods aligned with NIS2 requirements.
  • Conduct due diligence and risk assessments for external partners, with a focus on regulatory compliance and risk mitigation.
  • Collaborate closely with internal stakeholders including CISO, procurement, IT, and legal teams, to embed robust security clauses and processes throughout the supplier lifecycle.
  • Monitor ongoing compliance through the implementation of KPIs, SLAs, audits, and data-driven reporting dashboards.
  • Manage incident reporting and escalation with third-party suppliers in accordance with NIS2 Directive timelines and best practices.
  • Organise awareness and training sessions for suppliers, focusing on supply chain security and adherence to NIS2 requirements.
  • Act as the central point of contact for all matters relating to third-party information security risk management and NIS2 implementation.

Requirements:

  • Demonstrable background in information security, cybersecurity, or risk management roles.
  • Thorough knowledge of the NIS2 Directive and/or international standards such as ISO 27001.
  • Proven experience managing suppliers, conducting audits, and defining security clauses in contractual agreements.
  • Advanced skills in communication, reporting, and stakeholder engagement.
  • Fluency in Dutch or French, and professional proficiency in English is essential for this role.
Profielbeschrijving

We are looking for candidates who excel in navigating complex compliance environments and have a keen understanding of the evolving regulatory landscape, particularly with regards to information security and supply chain risk. The ideal person is solution-oriented, demonstrating exceptional analytical abilities and a rigorous attention to detail when assessing third-party risks and ensuring robust governance.

  • Proven expertise in information security, cybersecurity, or risk management, with a demonstrable track record of implementing best practices and frameworks.
  • Strong grasp of the NIS2 Directive as well as standards such as ISO 27001, particularly in the context of supplier management and compliance audits.
  • Skilled communicator who collaborates seamlessly with internal teams (such as IT, procurement, legal, and executive leadership) and external partners to drive a shared commitment to security.
  • Experience integrating security requirements into contracts, performing due diligence, and establishing effective reporting mechanisms and Key Performance Indicators (KPIs).
  • Natural leader and facilitator with the confidence to act as the central point of contact for all matters related to third-party security and NIS2 alignment, fostering awareness through tailored training and stakeholder engagement.
  • Insightful evaluator who applies a structured and pragmatic approach to risk assessment, supplier classification, and oversight of contractual compliance, incident reporting, and audit processes.
  • Resourceful and proactive mindset, always seeking to anticipate emerging risks and act decisively to uphold the organisation’s security posture.
  • Language proficiency in Dutch or French (fluent), with professional-level English communication skills ensuring effective interaction in a multilingual environment.

Those who thrive in this role are diplomatic yet assertive, comfortable making informed judgments, and capable of translating complex regulatory requirements into actionable strategies across the organisation and its third-party ecosystem.

Werklocatie
We zijn op zoek naar 1 functies.
Kopiëren naar klembord

Vergelijkbare banen

Compliance & Regulatory Affairs
09/08/2025

Information Security Associate Manager (ISM)

Rattachement hiérarchiqueManager hiérarchique : Risk & Compliance ManagerManager fonctionnel : Chief Information Security Officer (CISO)LieuCasablancaPérimètre du posteLe Information Security Associate Manager est le responsable opérationnel et process owner des activités liées à la protection de la confidentialité et de l’intégrité des données critiques de l’entreprise (clients, employés, partenaires).Il veille à la conformité des pratiques locales avec les stratégies de sécurité définies par le CISO HQ, afin d’atteindre les objectifs et standards de l’organisation.Missions principalesGouvernance & PolitiquesDéfinir, mettre en œuvre et maintenir les politiques et procédures locales de sécurité de l’information.Garantir l’alignement avec les stratégies globales définies par le CISO HQ.Identifier, évaluer et gérer les risques de sécurité, réaliser des audits internes et proposer des plans de remédiation.Sensibilisation & FormationDévelopper et animer des programmes de sensibilisation à la sécurité auprès des employés, partenaires et prestataires.Former les nouveaux arrivants aux bonnes pratiques de sécurité et aux politiques internes.Suivi & ConseilAgir comme consultant interne en sécurité pour les projets et systèmes de l’entreprise.Examiner et valider les plans de sécurité mis en œuvre dans les systèmes et réseaux de l’organisation.Assurer la liaison avec les équipes IT pour veiller à la conformité et remonter les incidents non résolus.Contrôle & ConformitéSurveiller et tester régulièrement les contrôles de sécurité pour garantir l’accessibilité et l’intégrité des données.Maintenir et superviser le Système de Management de la Sécurité de l’Information (ISMS) pour atteindre et conserver les certifications ISO 27001 et WLA-SCS.Assurer le maintien du Business Continuity Management System (BCMS).Gestion de crise & ContinuitéParticiper à la gestion des incidents majeurs et aux plans de reprise après sinistre.Coordonner les activités de continuité et de récupération des données en cas de crise.Compétences techniques clésGouvernance de la sécurité (ISO 27001, ISMS, BCMS)Évaluation et gestion des risquesPlan de continuité et reprise d’activité (BCP / DRP)Sensibilisation et formation à la sécuritéConformité réglementaire et audit interneSuivi des tendances et évolutions technologiques en cybersécurité

PermanentMoroccoHybrid
Compliance & Regulatory Affairs
04/08/2025

Consultant(e) - Chef de Département Conformité

Chef de Département Conformité – Management de Transition basé à Paris, responsable de piloter la stratégie conformité au sein d’un environnement réglementaire exigeant. Le poste comporte la supervision d’équipes dédiées à la conformité ainsi que la gestion de projets de transition et de transformation organisationnelle.Élaborer et actualiser les politiques internes en matière de conformité pour garantir le respect des obligations légales et réglementaires.Assurer une gestion proactive du risque, en déployant des méthodologies d'évaluation, de contrôle et de suivi des risques liés à la conformité.Consolider la gouvernance et veiller à l’alignement des procédures avec les exigences normatives nationales et internationales.Diriger les missions de changement organisationnel dans un contexte de management de transition, en accompagnant les équipes vers l’intégration de nouvelles pratiques.Gérer les relations avec les parties prenantes internes et externes (instances dirigeantes, supervision, autorités de régulation) pour garantir l’adhésion aux standards de conformité.Assurer le suivi des audits, la documentation des processus et la coordination des plans d’actions correctifs.Intervention dans des situations complexes nécessitant une expertise pointue en matière réglementaire, une forte capacité de leadership ainsi qu’une solide expérience de gouvernance et de transformation organisationnelle dans le secteur de la conformité.

Fixed termFranceHybrid
Compliance & Regulatory Affairs
04/08/2025

FREELANCE AML Analyst

Junior AML Analyst – Second Line Compliance focuses on supporting the organization's compliance framework, particularly within the second line of defense. The primary responsibilities include monitoring and investigating suspicious financial alerts, performing sanction screening, and ensuring rigorous adherence to Anti-Money Laundering (AML) practices. Conduct detailed review and assessment of system-generated alerts related to potential money laundering or terrorist financing activities.Carry out sanction screening for clients and transactions to identify matches with global watchlists and embargoed entities.Assist in the development, review, and update of internal policies to comply with banking laws and regulatory standards.Identify and escalate suspicious patterns for further investigation to ensure robust fraud detection and mitigation.Collaborate with various compliance teams to provide accurate documentation and reporting in both English and French.Support the ongoing effectiveness of the organization’s compliance program within the context of both the second and third line of defense.Remain up-to-date with ever-evolving regulations related to AML and compliance management in the financial sector.The role is essential for safeguarding the institution, maintaining operational integrity, and meeting legal requirements in a dynamic regulatory landscape.

Fixed termBelgiumHybrid
Compliance & Regulatory Affairs
18/07/2025

VP Compliance – Financial Crime & Regulatory (UAE National)

Role Overview: As the VP Compliance – Financial Crime & Regulatory, you will lead compliance operations for a digital-first bank, focusing on both Financial Crime Compliance and Regulatory Compliance. Reporting directly to the CCO, you will ensure the bank’s activities meet stringent regulatory and anti-financial crime obligations within the UAE’s evolving digital banking landscape.Corporate Governance: Oversee all compliance functions to ensure alignment with UAE laws and global best practices for digital banking.Financial Crime Compliance: Drive anti-money laundering and counter-terrorism financing initiatives, including risk assessments, KYC processes, and ongoing customer due diligence.Regulatory Engagement: Interface regularly with UAE regulators to maintain open channels of communication, clarify expectations, and manage audits or inspections.Policy Development: Develop, implement, and update compliance frameworks, policies, and controls to reflect regulatory changes and business growth.Monitoring & Reporting: Oversee monitoring programs to identify, investigate, and report suspicious activity internally and to relevant authorities.Team Leadership: Build, develop, and lead teams to execute compliance programs, fostering coordination and ensuring high standards of ethics and integrity throughout the bank.Stakeholder Management: Collaborate with internal departments and management to embed compliance into business operations and digital products.Requirements include deep expertise in anti-money laundering (AML) practices, KYC, and broad regulatory compliance within banking or fintech. Familiarity with UAE digital banking regulatory expectations, fluency in English, and strong policy development skills are essential. Arabic proficiency is beneficial.

PermanentUnited Arab EmiratesHybrid
Finance
07/07/2025

Risk Officer

Risk Officer – Internal Controls & Risk AssessmentThis position is responsible for evaluating and enhancing the organization’s internal control environment, with a focus on identifying control weaknesses and recommending improvements. The role includes:Assessing internal control systems through regular reviews and evaluations of control procedures, processes, and policies to confirm their effectiveness in meeting organizational objectives and mitigating risk.Performing control testing to verify that controls are functioning as intended, using walkthroughs, periodic internal verifications, and compliance reviews to ensure adherence and desired outcomes.Monitoring incidents and deficiencies by tracking issues in the control environment, collaborating with process owners to implement corrective actions, and ensuring timely resolution.Recommending enhancements to remediate control deficiencies and strengthen internal controls, working jointly with management and process owners to deploy and monitor these improvements.Developing and documenting internal control policies, procedures, and guidelines, ensuring clarity, effective communication, and alignment with best practices and industry standards.Risk Identification and Assessment: Identifying organizational risks and vulnerabilities, conducting risk assessments to evaluate impact and likelihood, and determining if current controls are sufficient to mitigate these risks.Collaborating with stakeholders across departments to prioritize risks and develop tailored risk management strategies.Facilitating information flow related to controls, ensuring awareness and compliance across the organization.Proficiency in English, French, and Dutch is highly valued in this role.

PermanentBelgiumOn site

De perfecte match is nog maar één stap hiervandaan.

Stuur ons direct uw CV en wij brengen u in contact met een van onze gespecialiseerde recruiter die u zal begeleiden in de zoektocht naar uw droombaan!

Telefoonnummer
Phone
Kandidaten

Referenties

De consultants van Gentis hebben altijd rekening gehouden met een aantal factoren om ons de juiste kandidaten voor te stellen. De kandidaten die we hebben aangeworven, werken nog steeds bij ons en persoonlijk ben ik erg tevreden dat we ze onlangs in ons team hebben opgenomen.
Joakin / Deputy-AMLCO, PPS
De resultaten waren indrukwekkend! In 3 tot 4 jaar hebben we meer dan 20 deals gesloten. Gentis biedt een naadloos kanaal om via verschillende wegen in contact te komen met kandidaten.
Morgan / HR, CAF
Bekijk de casestudies
Blog

Laatste artikels

15 Min gelezen
17 jan 2025

Een succesvolle employer branding-strategie, in 7 stappen

Employer branding is essentieel voor elk bedrijf dat talent wil aantrekken én behouden. Er zijn tal van goede redenen om een sterk merk als werkgever uit te bouwen. Maar zoiets doe je niet van vandaag op morgen. Hoe pak je dat aan, starten met employer branding?

10 Min gelezen
05 aug 2024

De strafste employer branding-trends van 2024

Employer branding is in sneltempo uitgegroeid tot een echte must voor werkgevers die het verschil willen maken, in de strijd om toptalent.

15 Min gelezen
15 mei 2024

7 risico’s die jouw imago als werkgever beschadigen

Bedrijven investeren vandaag aanzienlijke budgetten in de marketing van hun merk als aantrekkelijke werkgever.

Employer Branding
Bekijk alles

Sluit aan bij onze community van professionals en ontdek je potentieel om een verschil te maken in de wereld.

Blijf op de hoogte van het laatste nieuws.