Responsibilities
* Support clients in achieving and maintaining compliance with cybersecurity regulations and standards such as NIS2, ISO/IEC 27001, TISAX, and GDPR.
* Conduct cybersecurity assessments, gap analyses, and risk assessments to identify remediation actions and improvement opportunities.
* Design, implement, and maintain Information Security Management Systems (ISMS) aligned with international standards and best practices.
* Analyze business processes, operational dependencies, and critical systems in order to define business continuity parameters such as RTO, RPO, and MTPD.
* Manage consulting engagements related to audit readiness, certification support, and regulatory compliance programs.
* Act as a Virtual CISO (vCISO), providing strategic guidance on cybersecurity governance, risk management, and organizational security posture.
* Develop cybersecurity policies, procedures, standards, and governance documentation.
* Deliver training and awareness sessions on cybersecurity, compliance, and security best practices.
* Monitor regulatory and compliance developments, advising clients on emerging requirements and their operational impact.
* Collaborate with experienced consultants, international teams, and technical and business stakeholders to integrate cybersecurity into organizational processes and digital transformation initiatives.
* Work on high-impact cybersecurity and compliance projects to grow expertise across governance, risk, compliance, and cybersecurity domains.
Qualifications
* 3–5 years of experience in cybersecurity consulting, compliance, governance, or information security management.
* Strong knowledge of cybersecurity frameworks and regulations, including NIS2, ISO/IEC 27001, TISAX, and GDPR.
* Proven experience in security audits, risk assessments, gap analyses, and compliance programs.
* Experience in designing and implementing security governance frameworks and compliance processes.
* Knowledge of Business Continuity and Disaster Recovery principles and related methodologies (e.g., ISO 22301, ISO/TS 22317).
* Strong analytical, organizational, and documentation skills.
* Excellent communication and stakeholder management capabilities.
* Ability to work independently and manage projects with varying timelines and priorities.
* Client‑oriented mindset with a methodical and detail‑focused approach.
* Availability to travel for short, medium, or long‑term assignments when required.
* English proficiency at B2 level or higher.
Preferred Qualifications
* Degree in Computer Science, Engineering, Cybersecurity, Law, or a related field.
* Professional certifications such as ISO/IEC 27001 Lead Auditor, ISO/IEC 27001 Lead Implementer, CISA, CISM, or CISSP.
* Previous experience as a Virtual CISO, Compliance Manager, or Information Security Manager.
* Familiarity with risk management and business continuity methodologies such as ISO 31000, ISO/IEC 27005, NIST Cybersecurity Framework, and ISO 22301.
* Experience in regulated industries such as automotive, energy, manufacturing, healthcare, or financial services.
* Experience with GRC platforms and interactions with certification/accreditation bodies.
* Technical understanding of cloud security (AWS, Azure, GCP), SIEM and SOC environments, vulnerability management, network security architectures, and Identity and Access Management (IAM).
Benefits
* Comprehensive benefits package supporting professional growth, personal well‑being, and work‑life balance.
* Corporate welfare platform offering healthcare support.
* Work‑life kit with welcome package, digital meal vouchers, and flexible reimbursement options.
* Continuous learning and development opportunities, certification support, and incentives for skill advancement.
* Modern, collaborative office spaces and flexible work arrangements.