A public‑sector IT operator for the French‑speaking Belgian administration runs a dedicated Security & Privacy Operational Taskforce (SPOT) to implement the NIS2 programme and strengthen operational security. The Cybersecurity Lead Implementer will work across vulnerability management, SonarQube-based application security and SIEM/traceability projects to translate governance into repeatable engineering and operational practices.
The mission
The SPOT team is delivering the organisation's NIS2 compliance programme and related operational projects, including continuity and disaster recovery planning, centralized traceability (SIEM/SOAR/SOC) and a lifecycle approach to vulnerabilities using the in‑house VRM platform and SonarQube for SAST. These initiatives touch development teams, infrastructure teams and service owners and aim to provide auditable controls and measurable KPIs for regulators and internal audit.
On a day‑to‑day basis the Cybersecurity Lead Implementer will coordinate the translation of security policy into operational controls, drive VRM workflows and SonarQube integration in CI/CD, and work with platform and operations teams to roll out logging, monitoring and incident playbooks. The role is delivery‑oriented and involves stakeholder coordination, technical design reviews and producing dashboards for decision makers.
Your responsibilities
- Lead the implementation of NIS2 controls across projects, producing traceable evidence and control mappings for audits
- Drive the vulnerability management lifecycle, owning VRM processes, SonarQube SAST integration and remediation prioritisation
- Design and maintain BCP and DRP artefacts, define RTO/RPO targets with service owners and validate recovery exercises
- Coordinate deployment of centralized traceability, SIEM and monitoring use cases, and define logging standards across platforms
- Establish IAM review processes with application and infrastructure teams to reduce excess privileges and enforce least privilege
- Produce KPI dashboards and regular reports that track compliance posture, vulnerability trends and DR readiness
Your profile
Essential skills
- Senior experience in cybersecurity delivery, with practical knowledge of ISO 27001/27002 and NIS2 implementation
- Proven capability in vulnerability management, VRM tooling and SonarQube SAST integration into CI/CD pipelines
- Strong experience designing BCP/DRP exercises, defining RTO/RPO and translating them into operational runbooks
- Hands‑on knowledge of SIEM, logging and monitoring architecture and of producing security dashboards and KPIs
- Familiarity with Identity and Access Management processes, cloud security controls and ITSM/ticketing workflows
- Effective stakeholder communicator, able to coordinate cross‑functional teams and produce audit‑grade evidence
Languages
- French, C1
- English, B2