Senior Information Security Analyst – NIS2 & ISO 27001

About the role

The Senior Information Security Analyst will bridge NIS2 and ISO 27001 audit requirements with practical implementation across IT and OT environments in the energy sector. You will ensure compliance with Belgian NIS2 law and ISO 27001, strengthening cybersecurity resilience and incident management for essential services.

Key responsibilities

• Analyse audit findings and translate them into clear remediation actions and functional requirements.
• Support and track remediation actions through to closure.
• Contribute to risk assessments, control design, testing, and third‑party risk evaluations.
• Maintain and improve security documentation (policies, standards, procedures, guidelines).
• Assist internal and external audits, ensuring all evidence is audit‑ready.
• Lead intake, scoping, planning and milestone definition for NIS2 and ISO 27001 compliance road‑maps.
• Perform gap analyses, impact assessments (As‑Is/To‑Be) and define compliant target states for Business, IT and OT.
• Collaborate with a wide stakeholder landscape across Business, IT, OT and external partners.

Required profile

• Senior‑level experience in information security, preferably within the energy sector.
• Strong analytical abilities and excellent communication skills.
• Proven track record of translating regulatory requirements into actionable technical specifications.
• Ability to manage complex stakeholder environments and drive projects to completion.

Required skills

• In‑depth knowledge of NIS2 regulatory framework.
• Expertise in ISO 27001 implementation and audit processes.
• Experience with risk assessment and control testing methodologies.
• Familiarity with IT and OT security environments.

What we offer

• Opportunity to work on critical infrastructure security.
• Collaborative environment with cross‑functional teams.
• Professional development in emerging cybersecurity standards.