NIS2 Specialist (GRC Consultant)

Sopra Steria offers tailored, end-to-end corporate technology and software solutions to help clients make bold choices and deliver results. Successfully so! With more than 56.000 colleagues in 30 countries, we rank as Europe’s leading digital solutions provider. Some of the most successful companies in Europe rely on our technology due to our commitment to innovation, collaboration, and value in business development.  

The world is how we shape it. Let’s shape it together. 

About the Role

We are looking for an experienced Governance, Risk & Compliance (GRC) Consultant with deep expertise in EU regulatory frameworks, as well as a NIS2 Specialist to strengthen our compliance and cybersecurity governance programs. You will play a key role in advising, implementing, and managing initiatives aligned with European security and compliance directives, ensuring proper risk management practices across our organization.

Key Responsibilities

• Governance, Risk & Compliance (GRC):

• • Lead and support security and compliance initiatives aligned with NIS2 requirements. Be key support person for the client in their NIS2 journey.

• • Conduct risk assessments, maturity evaluations, and design internal control frameworks.

• • Provide strategic advice on governance structures, compliance reporting, and regulatory alignment.

• • Drive ISO 27001 implementation and act as an Information Security Officer (ISO) advisor where needed.

• • Support project and program management activities related to cybersecurity and compliance.

• NIS2 Directive Expertise:

• • Act as subject matter expert on NIS2 requirements, advising on implementation and compliance strategies.

• • Conduct gap analyses against NIS2, design risk mitigation and reporting processes.

• • Train and guide stakeholders in understanding obligations under NIS2.

• Business development:

Drive business development initiatives regarding NIS2. Able to identify key opportunities and support pre-sale process. Proactive in this area.

Support RFOs, RFPs when necessary.

• Professional background:

• • Minimum 6-7 years of experience in Governance, Risk & Compliance ideally in public and industry sectors.

• • Proven track record with information security frameworks, particularly ISO 27001. Knowledge and experience with CyFun is necessary.

• • Hands-on experience as Information Security Officer (ISO role or advisory capacity) or ad minima, as security manager in larger projects.

• • Strong project management background, preferably in multinational environments.
  • Must have: ISO27001 certificate.
  • Nice to have: CISA,CISM, any other ISO relevant certificate.

• Language skills:

• • Strong preference: English +  either French or Dutch as you would be supporting Clients in Public/industry sector in Belgium.

• Soft skills:

• • Strong communication and stakeholder management skills.

• • Ability to interpret regulations into practical, business-driven compliance processes.
  • Autonomous in delivery, fast learner and excellent stakeholder management skills. Can position oneself as a person of trust easily with key stakeholders.
  • Possesses consulting mindset and hands-on attitude.
  • Positive person and a team player.

• • Analytical and structured approach to risk and compliance management.

Why Join Us?

• Work in a strategic role at the forefront of EU cybersecurity and compliance.

• Engage with international teams and high-impact compliance programs.

• Opportunity to shape readiness for NIS2 implementation.