Job Description
Third Party Security Assessor (Maternity cover)

The role:

KBC Global Services is the engine behind KBC Group – a leading bank-insurance group with over 41,000 talented employees serving more than 12 million clients across Europe. Since 2021, we have been supporting the digital transformation of KBC Group, providing software development, QA, AI and other IT solutions and working on a wide range of projects that combine classical IT with digital banking.
 
Our community accommodates talented professionals with years of experience as well as recent university graduates of different backgrounds who are results-driven and passionate about the success of our company.
 
Why us? Because we care. Choosing us, you are choosing work that works for you. 
 
Interested in the Mission of Our Third Party Inspect and Control Team? Well, here is some information:

TPSICT enables business and IT in the realization of their objectives by providing guidance and coaching in the process of selection, management and control of Third Party (IT) Services. TPS also enables KBC to ensure maximum leverage of opportunities, while remaining compliant and keeping risks under control.
 
As our Third Party Security Assessor, you would have the following responsibilities:
 
•    Ensuring that customers can use our services securely. Colleagues trust your advice on vendor assessments.
•    Reviewing vendor self-assessment questionnaires (Standard Information Gathering questionnaires) and the evidence provided, to confirm (or not) the vendor's self-assessment.
•    Interpreting evidence provided by the vendor as part of the self-assessment.
•    Interpreting reports of security scans.
•    Drafting a Vendor Information Security Report and discussing it with the stakeholders ((B)ISO, Management).
•    Reviewing the vendor self-assessment in the pre-contract phase and via periodic reassessments. This way KBC is able to anticipate threats, retain our customers' trust in our services and continue to innovate in a safe manner.
•    Reviewing and interpreting independent audit reports, including SOC 1/SOC 2 reports, ISO 27001 certification packages, and penetration test results, ensuring compliance with KBC and regulatory (e.g., DORA) expectations.


Key competences that will help you succeed:
 
•    At least 3 years of professional experience in cyber security
•    Ability to talk to and understand both the Board level and the IT engineers
•    Good quality diagnosis of the ‘as is’ situation
•    Convincing and leading in presenting a risk-controlled and workable ‘to be’ situation
•    Prior experience in IT audit, internal audit, or assurance, particularly evidence-based control evaluation
 
You are a perfect fit for us if:
 
•    You have strong analytical and synthesizing skills
•    You have strong communication skills
•    You are comfortable working with internationally recognized frameworks such as ISO 27001/27002, SOC 1/2, NIST, or CIS controls.
•    You enjoy diving into technical evidence, identifying control gaps, and transforming findings into clear, actionable risk insights.
•    You hold or are working toward professional certifications such as CISSP, CISA, ISO 27001 Lead Auditor/Implementer, CRISC, or other recognized security and audit certifications.
 
If you find this job opportunity interesting and you recognize yourself in the above, apply via the button with your CV in English. 

Please note that this is a maternity cover position.
 
Join. Create. Innovate with us!

Recruiter Name

Zlatina Ivelinova Petrova

Contract Type:  Fixed-term
Functional Area:  IT
Job Location (Short):  Varna, Bulgaria
Company:  KBC Global Services Bulgaria Branch
Business Unit:  KBC GSBG SOURCING SERVICES II
Team:  KBC GSBG SS RISK GOVERNANCE
Req ID:  89146