Cybersecurity Risk Management Lead – EU Institution

Luxembourg, Luxembourg - Freelance

About Leonardo Belgium

Leonardo Belgium is supporting a major European Institution in strengthening its cyber defense, risk management, and governance capabilities.

You will join a high-impact cybersecurity environment where risk visibility, strategic alignment, and informed decision-making are critical. The role sits at the core of cybersecurity governance, ensuring risks are properly identified, assessed, and managed across a complex, multi-site and hybrid infrastructure.

This is not a purely analytical role: you will combine technical expertise with leadership and stakeholder interaction in a highly regulated, international environment to drive risk-based decisions. It is suited to experienced cybersecurity professionals who have operated in high-stakes environments and are comfortable taking the lead and influencing executive-level decision-making.

Job Specifications

  • Location: Luxembourg (3 days on-site, 2 days remote from a nearby location)

  • Urgent need: Early application heavily encouraged

  • Start date: End of April / Early May

  • Type of contract: Freelance / B2B

Job description

As Cybersecurity Risk Management Lead, you will own and drive the cybersecurity risk management lifecycle, ensuring alignment between security risks, business objectives, and regulatory requirements. You will coordinate efforts to identify, assess, and manage risks, translating technical findings into business-relevant insights and actions.

You will:

  • Lead cybersecurity risk assessments, identifying threats, vulnerabilities, and business impacts

  • Define and maintain the risk management framework (ISO 27005, NIST or equivalent)

  • Drive the development and monitoring of risk treatment plans (mitigation, transfer, acceptance, avoidance)

  • Act as SPOC for cybersecurity risk topics, coordinating stakeholders across teams

  • Prepare and present risk reports to senior management and governance bodies

  • Ensure alignment between cybersecurity risk management and organizational strategy

  • Assess and manage third-party and supply chain risks

  • Ensure compliance with regulatory and legal frameworks (e.g. GDPR, NIS2)

  • Support decision-making by translating technical risks into business impact

  • Contribute to the evolution of risk governance processes and reporting frameworks

Profile

Experience / Education / Certification Requirements

  • Proven experience leading or coordinating cybersecurity risk management activities within complex, large-scale environments

  • Experience managing risk frameworks, governance, and reporting at organizational level

  • Previous exposure to EU institutions or regulated environments is a plus

  • A degree in Computer Science, Cybersecurity, or a related field is considered an asset

  • At least one cybersecurity-related certification

Personal Attributes

  • Ability to lead and coordinate under pressure

  • Strong communication skills with both technical and non-technical stakeholders

  • Structured, analytical mindset with strong problem-solving abilities

  • Comfortable working in a fast-paced, international environment

  • Strong command of English; French and/or Italian are assets

Technical Skills

  • Strong knowledge of risk management frameworks (ISO 27005, NIST or similar)

  • Understanding of regulatory and compliance frameworks (GDPR, NIS2, etc.)

  • Experience in cybersecurity governance and policy development

  • Ability to translate technical risks into business impact and strategic decisions

  • Strong analytical and reporting capabilities

  • Experience with risk assessment methodologies and tools

What’s in it for you?

  • Work in a high-visibility cybersecurity environment within a major EU institution

  • Take ownership of critical cybersecurity risk management activities

  • Operate in a complex, multi-site and hybrid infrastructure

  • Collaborate with international stakeholders and cyber experts

  • Long-term assignment supporting critical cyber defense operations

Once we receive your CV, we will evaluate it carefully. Should there be a match for this or any other position at Leonardo Belgium, we will be in touch with you. In case there is no match now, we will make sure to keep your CV in consideration for future vacancies!

Details about the job
Luxembourg, Luxembourg
Freelance - Full-time