Job Description
About the Role
We are looking for an experienced Governance, Risk & Compliance (GRC) Consultant with deep expertise in EU regulatory frameworks, as well as a NIS2 Specialist to strengthen our compliance and cybersecurity governance programs. You will play a key role in advising, implementing, and managing initiatives aligned with European security and compliance directives, ensuring proper risk management practices across our organization.
Key Responsibilities
* Governance, Risk & Compliance (GRC):
* Lead and support security and compliance initiatives aligned with NIS2 requirements. Be key support person for the client in their NIS2 journey.
* Conduct risk assessments, maturity evaluations, and design internal control frameworks.
* Provide strategic advice on governance structures, compliance reporting, and regulatory alignment.
* Drive ISO 27001 implementation and act as an Information Security Officer (ISO) advisor where needed.
* Support project and program management activities related to cybersecurity and compliance.
* NIS2 Directive Expertise:
* Act as subject matter expert on NIS2 requirements, advising on implementation and compliance strategies.
* Conduct gap analyses against NIS2, design risk mitigation and reporting processes.
* Train and guide stakeholders in understanding obligations under NIS2.
Drive business development initiatives regarding NIS2. Able to identify key opportunities and support pre‑sale process. Proactive in this area. Support RFOs, RFPs when necessary.
Qualifications
* Professional background:
* Ideally 2-5 years of experience in Governance, Risk & Compliance, ideally in public and industry sectors.
* Proven track record with information security frameworks, particularly ISO 27001. Knowledge and experience with CyFun is necessary.
* Hands‑on experience as Information Security Officer (ISO role or advisory capacity) or at a minimum, as security manager in larger projects.
* Strong project management background, preferably in multinational environments.
* Must have: ISO 27001 certificate.
* Nice to have: CISA, CISM, any other ISO relevant certificate.
* Strong preference: English + either French or Dutch, as you would be supporting Clients in Public/Industry sector in Belgium.
* Strong communication and stakeholder management skills.
* Ability to interpret regulations into practical, business‑driven compliance processes.
* Autonomous in delivery, fast learner and excellent stakeholder management skills. Can position oneself as a person of trust easily with key stakeholders.
* Possesses consulting mindset and hands‑on attitude.
* Positive person and a team player.
* Analytical and structured approach to risk and compliance management.
Why Join Us?
* Work in a strategic role at the forefront of EU cybersecurity and compliance.
* Engage with international teams and high‑impact compliance programs.
* Opportunity to shape readiness for NIS2 implementation.
Additional Information
We offer a generous employee benefits package that includes:
* A variety of perks, such as mobility options (including a company car), insurance coverage, meal vouchers, eco‑cheques, and more.
* Continuous learning opportunities through the Sopra Steria Academy to support your career development.
* The opportunity to connect with fellow Sopra Steria colleagues at various team events.
Sopra Steria is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, ancestry, nationality, color, family or medical leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, gender (including pregnancy), sexual orientation or any other characteristic protected by applicable local laws, regulations and ordinances. We foster a work environment that is inclusive and respectful of all differences.
#J-18808-Ljbffr