
Information Security Officer NIS2

  • On-site, Hybrid
    • Brussels, Brussels, Belgium
  • Outsourcing

Job description

Information Security Officer (NIS2) – ISO 27001 / ISMS Operations
📍 Location: Brussels / Hybrid
📝 Contract: Time & Material
📅 Period: 28/02/2026 – 22/02/2027
Deadline: 15/01/2026

JPF Lawyers & Consultants is looking for an experienced Information Security Officer (NIS2) to support a client’s Digital Business Solutions (DBS) department. Reporting to the Team Leader/CISO, you will take ownership of the day-to-day operational management of the ISMS in line with ISO/IEC 27001, ensuring documentation, governance routines, risk follow-up and audit readiness stay robust and business-oriented. You will work across business and technical stakeholders to keep security controls effective, drive continuous improvement, and support NIS2-relevant maturity—particularly in areas such as risk acceptance, non-conformity management, configuration management, and ISMS management reviews. This role also includes hands-on support for incident response, awareness activities, and security in an OT environment, with potential scope to act as a BISO depending on needs.

🔍 Key Responsibilities

  • Maintain and continuously improve ISMS governance & documentation, incl. Risk Acceptance Forms (RAF), non-conformities, and configuration management

  • Maintain the risk register, update risk assessments, and track risk treatment plans from pentests/assessments/audits

  • Prepare and support internal audits; coordinate corrective actions and follow-up on non-conformities

  • Monitor key security controls (access rights/recertification, backups, DR/BC readiness)

  • Support incident management with SOC and operational teams; capture lessons learned and feed them back into the ISMS

  • Support awareness & training activities and reporting; track mandatory training completion

  • Prepare and support ISMS management reviews; report KPIs/metrics and outcomes to the CISO

  • Where relevant, support additional Security team activities and potentially take on a BISO role (Security by Design, requirements, proactive risk management)

Why join JPF for this assignment?

  • Combine independence with clear deliverables, strong collaboration and structured governance

  • Join a trusted network focused on quality, innovation and results

  • Receive practical back-office and peer support when needed

Job requirements

Must-have

  • ISO/IEC 27001 Lead Implementer certification

  • 5+ years of proven experience in a security team with hands-on ISMS management (Senior level)

  • Proven experience preparing and supporting ISMS management reviews (minimum 2 completed)

  • Strong experience with ISMS governance & documentation, including:

    • Risk Acceptance Forms (RAF)

    • Non-conformity management

    • Configuration management processes

  • Proven experience with non-conformity processes and coordinating corrective actions

  • Proven experience with configuration management and process design

  • Proven experience across IT infrastructure and applications

  • Proven experience reporting to Senior Management / C-level (strong presentation and reporting skills)

  • Proven ability to align and coordinate with multiple stakeholders (e.g., CISO, Program Managers, business & technical stakeholders)

  • Proven experience with security in an OT environment

  • Ability to work independently, meet strict deadlines, and proactively ensure timely delivery

  • Languages: fluent English + fluent French or Dutch, with passive knowledge of the other language

  • Team player

Should-have

  • Proven experience working with a DGO
