Information Security Manager for European Institutions - Deloitte


Deloitte is a world leading professional services firm, providing management consulting, accounting and auditing services, but also legal and tax advice. In Belgium we are the largest professional service provider. Our offices offer services to multi-national and large organisations, public institutions and innumerable small, fast-growing companies. Thanks to a strong regional presence and our multi-disciplinary approach, we are ideally placed to meet the requirements of a wide range of public institutions and small and large companies.


Our Risk Advisory practice (part of the Consulting and Advisory business) is a global leader in helping clients manage risk and uncertainty from the boardroom to the network. We provide a broad array of services that allow our clients around the world to better measure, manage and control risk to enhance the reliability of systems and processes throughout their organization.


In response to the rapid growth in both the sophistication and intensity of cyber threats, it has become apparent that static defensive measures, while remaining important, are no longer sufficient. A set of analytical techniques is emerging to pre-empt and counter attacks using previously unknown methods, often remaining passive within systems until activated. This has produced a market which is changing quickly as technologies mature.


Your Responsibilities


The Information Security Manager is an engineer and an ICT high level expert in the "Service Design" domain of IT security services as it applies to the European Institutions (European Cimmission, European Parliament, European Council, the Agencies and other European bodies).


He/she will support our clients – European Institutions – to ensure confidentiality, integrity and availability of assets, data and services in line with applicable European regulations and standards (C3602, DG DIGIT security standards, PM2 Project Management framework etc.)


As an Information Security Manager you will help our clients – European Institutions – to:


  • address the increasing set of cyber security challenges that are persistent at European level;
  • align the information security strategy and planning with the organisation’s business goals of the various European Institutions involved;
  • contribute to the development of the maintenance of the information security budget together with the ICT and finance stakeholders.
  • manage risks assessments and analysis to identify threats, categorise assets, and rate system vulnerabilities so that they can implement effective controls;
  • review and update sound corporate information security policy framework, implement it, while setting an information security management system.
  • ensure that the provision of information availability, integrity and confidentiality and they are recognized as ICT security policy experts by internal and external stakeholders.
  • enhance Security services focusing on incident detection and response, while concentrating on the prevention aspect also by capitalizing on the lessons and recommendations learned from passed incidents and recurring security assessments;
  • ensure implementation of a sound and robust security in depth defense infrastructure in the Security architecture aiming to provide a safe communication and information infrastructure for the community and information systems.
  • design, integrate and implement complex Security solutions from a technical perspective


You will interact and work together with teams of Deloitte information security experts, with European officials and with complex teams in understanding the information security challenges of the European Institutions and defining mitigation actions to better manager theirs risks and improve their security posture in cost-effective manner.

  • As a information security professional you have the necessary knowledge of current best practices combined with out-of-the-box thinking to help our European Institutions clients addressing the cyber security challenges that are relevant at European level;
  • You obtained several years of experience in information security in a high profile environment, implying experience with international organisations and with public sector cyber security actors;
  • Prior experience in working with European Institutions, national-level cyber security actors, CERTs/CSIRTs is highly valuable and represents a major plus;
  • Good knowledge and understanding of the latest EU-level and international level cyber security developments, actors and trends is mandatory;
  • You have a solid technical background with a desire to translate this into business value. You have in-depth knowledge in complex IT infrastructure, networking, operating systems, ERP systems, (web) applications and databases;
  • You have a good understanding of IT related risks and cyber security threats and remediation/mitigation measures;
  • You have a proven track record and ability to prepare and facilitate workshops with technical and non-technical people on a variety of cyber security topics (risk analysis, Business Impact Assessment, security testing brief etc.)and have very strong formal communication, reporting and synthesis skills;
  • You display a strong interest in the policy, technical and organizational aspects of cyber security and have specific knowledge and competencies in security standards (such as ISO 27001, NIST, etc.);
  • Cyber security, information security or other relevant technical certifications are a plus;
  • Your approach is result-oriented. You have an analytical mindset, can work autonomously, deliver very high quality outcome and can handle multiple projects simultaneously;
  • You are able to plan and execute a project to deliver a superior client experience. Next to that, you are able to build an in-depth knowledge of the client’s business and stay up-to-date on industry activities, marketplace trends, innovation efforts, and leading practices
  • You have fluent language skills (English is mandatory) and preferably also Dutch or French) and you are a real team player.


How you’ll grow


At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help build world-class skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programmes at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career.


Your role as a leader


At Deloitte, we believe in the importance of leadership at all levels. We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people and for society, and make an impact that matters. In addition to living our purpose, managers across our organisation:


  • Develop high-performing people and teams through challenging and meaningful opportunities
  • Deliver exceptional client service, maximise results and drive high performance from people while fostering collaboration across businesses and borders
  • Influence clients, teams and individuals positively, leading by example and establishing confident relationships with increasingly senior people
  • Understand key objectives for clients and Deloitte, align people to objectives and set priorities and direction


What’s in it for you


At Deloitte, we know that great people make a great organisation. We value our people and offer employees a broad range of benefits.


You’ll work in a collaborative, creative environment where innovation is key. Personal development and growth are encouraged and continuous learning and coaching are part of the people culture.


You’ll receive an attractive and competitive salary with fringe benefits.


Our purpose


Deloitte is led by a purpose: to make an impact that matters. Every day, Deloitte people are making a real impact in the places they live and work. We pride ourselves on doing not only what is good for clients, but also what is good for our people and the communities in which we live and work—always striving to be an organisation that is held up as a role model of quality, integrity and positive change.