Cyber Security Consultant

🔐 ROLE: Senior Cybersecurity Consultant — CRA Compliance (Contract)

Client: Confidential — Industrial/OT sector

Location: Belgium (Brabant Wallon) | Hybrid (primarily on-site)

Duration: 3–4 months FTE |

Start: ASAP

1. ROLE SUMMARY

This is a hands-on implementation contract — not an advisory or audit role. The client has already had gap assessments done on two products against the EU Cyber Resilience Act, and now needs someone to actually fix the problems identified. Day-to-day, the consultant will be hardening products, managing vulnerability remediation, producing SBOMs, supporting security testing, and building out the technical compliance dossier. They'll work closely with a Technical Lead and business stakeholders who have little to no cybersecurity background, so communication and pragmatism matter as much as technical depth. It's a focused, deliverable-driven engagement with a clear end goal: two products that are CRA-compliant and documented before the regulation kicks in.

2. KEY REQUIREMENTS BREAKDOWN

Must-Haves

• Strong, demonstrable knowledge of the EU Cyber Resilience Act (CRA)
• Experience implementing cybersecurity compliance in industrial or product environments (not just IT/enterprise)
• OT / SCADA security experience
• Product security hardening and secure configuration
• Vulnerability management and security testing (follow-up, not necessarily execution)
• SBOM (Software Bill of Materials) production and management
• Technical documentation for regulatory compliance
• Available immediately and able to commit full-time for 3–4 months on-site in Brabant Wallon

Nice-to-Haves

• Experience with IEC 62443 (industrial cybersecurity standard)
• Familiarity with Siemens or AVEVA industrial platforms
• Background in IT/OT convergence environments
• Experience presenting to non-technical stakeholders

Deal-Breakers

• Pure IT/enterprise security background with no OT or product experience
• Only advisory/assessment experience — this role is implementation
• Unavailable before summer or unwilling to be primarily on-site
• Day rate expectations above €1,000