Senior GRC

We're Hiring: Senior GRC & Cybersecurity Consultant (NIS2 / ISO 27001)

Are you a seasoned professional in Governance, Risk & Compliance (GRC), auditing, and cybersecurity with real hands-on experience?

Do you thrive on translating complex regulatory requirements into actionable steps that make a difference for clients? If yes — then I want you in my team.

Important:

• Only senior candidates with proven track records in GRC, auditing, and cybersecurity will be considered.
• You must provide at least one recommendation from a previous employer or client.
• Salary is not a limitation — but quality and integrity are non-negotiable.

What You'll Be Doing

• Lead NIS2 and ISO 27001 gap analyses to assess client readiness.
• Develop and deliver implementation roadmaps to meet compliance requirements.
• Support clients in drafting and implementing security policies, processes, and control documentation.
• Provide guidance on technical and organizational measures required under NIS2 and ISO 27001.
• Conduct risk assessments and define risk treatment plans.
• Assist clients with their Information Security Program as their CISO.
• Deliver training and awareness sessions on compliance obligations.
• Work closely with security architecture teams and leadership to ensure compliance aligns with operational security.
• Solid understanding of major vendors in: ITSM, SIEM / XDR, Exposure Management, Key Management, Identity Governance and Administration, Privileged Access Management, OT Security.
• Stay ahead of regulatory changes and industry best practices.

What You Need To Bring

• 5+ years of experience in information security compliance, auditing, or consulting.
• Hands-on experience as CISO, ISMS implementation, and/or auditing.
• Strong knowledge of NIS2 directive requirements and their application to essential and important entities.
• Proven ability to deliver high-quality documentation, reporting, and presentations.
• Proven ability to operationalize GRC, IT Security operations in complex organizations.
• Relevant certifications (preferred): ISO 27001 Lead Implementer/Auditor, CISM, CRISC, CISA, CISSP.
• Ability to interpret complex compliance requirements into clear, actionable steps.
• Solid understanding of security controls, risk management, and governance frameworks.
• Familiarity with GDPR, CIS Controls, NIST or similar frameworks.
• Strong independence, maturity, and a customer-first mindset.
• Fluent in English (written and spoken).

Why Join?

• Work on high-impact projects with clients across critical industries.
• Be part of a lean, senior-only team where expertise is valued above all else.
• Freedom to operate with independence and responsibility.
• Competitive compensation—if you're the right fit, salary will not be an issue.

If you're a senior GRC and cybersecurity professional with the hands-on skills to make compliance real—and not just theoretical — let's talk.