Cyber Security – GRC – Data Security Specialist(10639862)

Job Title: Cyber Security – GRC – Data Security Specialist

Location: Eindhoven, Netherlands
Start Date: ASAP
Duration: 6 Months
Experience Required: 8–10 Years

Role Overview

We are seeking an experienced Cyber Security GRC (Governance, Risk, and Compliance) professional with a strong focus on Data Security and EU regulatory frameworks. The ideal candidate will play a key role in ensuring product compliance with the EU Cyber Resilience Act (CRA), driving security governance, and leading cross-functional collaboration across engineering, legal, and product teams.

Key Responsibilities

• Develop and execute a roadmap to bring products into compliance with the EU Cyber Resilience Act (CRA).
• Coordinate with internal application teams, cross-functional stakeholders, auditors, and customers.
• Lead cybersecurity risk assessments for products with digital components across the full development lifecycle.
• Guide and educate stakeholders on EU CRA requirements, control ownership, and audit expectations.
• Drive enterprise-wide compliance initiatives and ensure alignment with regulatory requirements.
• Collaborate with engineering, legal, and product development teams to integrate security and compliance into product design.
• Support and manage audits, ensuring readiness and successful outcomes.

Essential Skills & Experience

• Minimum 8 years of professional experience in IT Audit, compliance, or security assurance.
• Strong experience in cybersecurity compliance, regulatory affairs, or product security governance.
• In-depth understanding of the EU Cyber Resilience Act (CRA).
• Familiarity with relevant frameworks and standards (e.g., ISO 27001, NIS2 Directive).
• Knowledge of Secure Development Lifecycles (SDL) and software vulnerability management.
• Proven experience working with auditors and leading enterprise-wide compliance programs.
• Experience leading cross-functional teams in complex environments.
• Strong project management and stakeholder management skills.
• Excellent communication, documentation, and presentation skills.
• Strong analytical and problem-solving abilities.

Good-to-Have Qualifications

• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)
• ISO 27001 Lead Auditor (LA) or equivalent certification

Key Competencies

• Ability to work effectively in cross-functional teams (Engineering, Legal, Product Development).
• Strong leadership and influencing skills.
• Detail-oriented with a proactive and structured approach.
• Ability to translate regulatory requirements into actionable controls and processes.