Job Description
Responsibilities
- Support clients in achieving and maintaining compliance with cybersecurity regulations and standards such as NIS2, ISO/IEC 27001, TISAX, and GDPR.
- Conduct cybersecurity assessments, gap analyses, and risk assessments to identify remediation actions and improvement opportunities.
- Design, implement, and maintain Information Security Management Systems (ISMS) aligned with international standards and best practices.
- Analyze business processes, operational dependencies, and critical systems in order to define business continuity parameters such as RTO, RPO, and MTPD.
- Manage consulting engagements related to audit readiness, certification support, and regulatory compliance programs.
- Act as a Virtual CISO (vCISO), providing strategic guidance on cybersecurity governance, risk management, and organizational security posture.
- Develop cybersecurity policies, procedures, standards, and governance documentation.
- Deliver training and awareness sessions on cybersecurity, compliance, and security best practices.
- Monitor regulatory and compliance developments, advising clients on emerging requirements and their operational impact.
- Collaborate with experienced consultants, international teams, and technical and business stakeholders to integrate cybersecurity into organizational processes and digital transformation initiatives.
- Work on high-impact cybersecurity and compliance projects to grow expertise across governance, risk, compliance, and cybersecurity domains.
Qualifications
- 3–5 years of experience in cybersecurity consulting, compliance, governance, or information security management.
- Strong knowledge of cybersecurity frameworks and regulations, including NIS2, ISO/IEC 27001, TISAX, and GDPR.
- Proven experience in security audits, risk assessments, gap analyses, and compliance programs.
- Experience in designing and implementing security governance frameworks and compliance processes.
- Knowledge of Business Continuity and Disaster Recovery principles and related methodologies (e.g., ISO 22301, ISO/TS 22317).
- Strong analytical, organizational, and documentation skills.
- Excellent communication and stakeholder management capabilities.
- Ability to work independently and manage projects with varying timelines and priorities.
- Client‑oriented mindset with a methodical and detail‑focused approach.
- Availability to travel for short, medium, or long‑term assignments when required.
- English proficiency at B2 level or higher.
Preferred Qualifications
- Degree in Computer Science, Engineering, Cybersecurity, Law, or a related field.
- Professional certifications such as ISO/IEC 27001 Lead Auditor, ISO/IEC 27001 Lead Implementer, CISA, CISM, or CISSP.
- Previous experience as a Virtual CISO, Compliance Manager, or Information Security Manager.
- Familiarity with risk management and business continuity methodologies such as ISO 31000, ISO/IEC 27005, NIST Cybersecurity Framework, and ISO 22301.
- Experience in regulated industries such as automotive, energy, manufacturing, healthcare, or financial services.
- Experience with GRC platforms and interactions with certification/accreditation bodies.
- Technical understanding of cloud security (AWS, Azure, GCP), SIEM and SOC environments, vulnerability management, network security architectures, and Identity and Access Management (IAM).
Benefits
- Comprehensive benefits package supporting professional growth, personal well‑being, and work‑life balance.
- Corporate welfare platform offering healthcare support.
- Work‑life kit with welcome package, digital meal vouchers, and flexible reimbursement options.
- Continuous learning and development opportunities, certification support, and incentives for skill advancement.
- Modern, collaborative office spaces and flexible work arrangements.