Senior Cybersecurity Consultant — CRA Compliance (Contract)
Location: Belgium (Brabant Wallon) | Hybrid (primarily on-site)
Duration: 3–4 months FTE |
Start: ASAP
1. ROLE SUMMARY This is a hands‑on implementation contract — not an advisory or audit role. The client has already had gap assessments done on two products against the EU Cyber Resilience Act, and now needs someone to actually fix the problems identified. Day‑to‑day, the consultant will be hardening products, managing vulnerability remediation, producing SBOMs, supporting security testing, and building out the technical compliance dossier. They'll work closely with a Technical Lead and business stakeholders who have little to no cybersecurity background, so communication and pragmatism matter as much as technical depth. It's a focused, deliverable‑driven engagement with a clear end goal: two products that are CRA‑compliant and documented before the regulation kicks in.
2. KEY REQUIREMENTS BREAKDOWN Must‑Haves Strong, demonstrable knowledge of the EU Cyber Resilience Act (CRA)
Experience implementing cybersecurity compliance in industrial or product environments (not just IT/enterprise)
OT / SCADA security experience
Product security hardening and secure configuration
Vulnerability management and security testing (follow‑up, not necessarily execution)
SBOM (Software Bill of Materials) production and management
Technical documentation for regulatory compliance
Available immediately and able to commit full‑time for 3–4 months on‑site in Brabant Wallon
Nice‑to‑Haves Experience with IEC 62443 (industrial cybersecurity standard)
Familiarity with Siemens or AVEVA industrial platforms
Background in IT/OT convergence environments
Experience presenting to non‑technical stakeholders
Deal‑Breakers Pure IT/enterprise security background with no OT or product experience
Only advisory/assessment experience — this role is implementation
Unavailable before summer or unwilling to be primarily on‑site
#J-18808-Ljbffr