Overview
Expert Supply Chain & Cybersecurity Risk – Third Party Security (TPRM) Jobs in Brussels Metropolitan Area at USG Professionals Belgium
Title: Expert Supply Chain & Cybersecurity Risk – Third Party Security (TPRM)
Company: USG Professionals Belgium
Location: Brussels Metropolitan Area
🧭 About the mission
In an increasingly interconnected IT & OT environment 🌐, securing the supply chain has become a critical cybersecurity priority.
We are looking for a Supply Chain & Cybersecurity Risk Expert to strengthen third-party security and ensure effective management of risks related to suppliers, partners, and subcontractors.
You will join the IT Security team and report directly to the IT Security Manager.
🔐 Your mission
You will play a key role in securing the external ecosystem and managing cyber risks linked to third parties.
Your responsibilities include:
🛡️ Strategy & governance
- Define and maintain the supply chain security strategy (IT & non-IT)
- Design and evolve Third Party Risk Management (TPRM) processes
- Contribute to overall cybersecurity governance for suppliers
🔍 Risk management & assessments
- Identify, assess, and analyze cyber risks related to third parties
- Conduct security audits and maturity assessments (ISO 27001, NIS2, SOC2, etc.)
- Monitor remediation plans and risk indicators
📑 Compliance & contractual security
- Support the integration of security clauses in supplier contracts
- Ensure alignment with key standards and regulations (ISO, NIST, NIS2, DORA…)
🤝 Stakeholder & supplier management
- Work closely with Procurement, Legal, IT, and Business teams
- Raise awareness on third-party cybersecurity risks
- Coordinate interactions with suppliers and partners
📊 Reporting & continuous improvement
- Track supplier risk KPIs
- Propose remediation actions and improvement plans
- Monitor cybersecurity threats and regulatory changes
🧠 Your profile
- Proven experience in cybersecurity and/or third-party risk management
- Strong expertise in Supply Chain Risk Management / TPRM
- Good knowledge of frameworks: ISO 27001/27005, NIST, NIS2, DORA, SOC2
- Strong analytical mindset, structured and autonomous working style
- Excellent written and verbal communication skills
- Strong prioritization and stakeholder management abilities
🛠️ Key skills
- Cyber Security (expert) 🔐
- Supply Chain Management (expert) 📦
- ISO 27001 Lead Implementer (expert)
- CRISC / P3O (plus)
🌍 Languages
- Dutch or French: native or bilingual 🇧🇪
- English: professional working proficiency
⭐ Why this role?
- Strategic cybersecurity role with high business impact
- Direct influence on supplier and third-party risk posture
- Highly regulated and evolving environment
- Strong cross-functional exposure (IT, procurement, legal, business)
- Long-term mission with real transformation impact 🚀