Cyber Security Compliance Engineer
Role: Cyber Security Compliance Engineer
Client: Global Manufacturer
Location: Zurich
Duration: Long Term
Remote Work: 2 days per week in the office, 3 days remote work
Start Date: ASAP
Job Description:
A global leader in manufacturing is seeking an experienced and proactive Cyber Security Consultant to lead the implementation of the EU Cyber Resilience Act (CRA) compliance program. This role is critical in establishing a robust cybersecurity framework for the company's digital products and ensuring alignment with upcoming EU regulations.
The consultant will work closely with internal teams and play a pivotal role in both the initial implementation phase and the transition to a permanent Digital Compliance Engineer.
Key Responsibilities:
- Act as the primary driver and project manager for CRA compliance.
- Collaborate with product, engineering, and legal teams to execute the compliance roadmap.
- Develop a detailed project plan with milestones and deliverables.
- Provide regular progress updates to senior management.
- Define and implement a risk management framework based on established standards.
- Conduct comprehensive cybersecurity risk assessments for digital products.
- Identify and document security requirements tailored to product risk profiles.
- Establish lifecycle-based risk assessment documentation processes.
- Design and implement a coordinated vulnerability disclosure policy.
- Develop internal procedures for vulnerability identification, documentation (including SBOM), and remediation.
- Ensure timely mitigation and communication of vulnerabilities to customers and authorities (e.g., ENISA).
- Create templates for technical documentation as per CRA Annex VII.
- Define user-facing documentation standards to ensure clarity and compliance.
- Ensure all documentation supports market surveillance requirements.
- Review and enhance current software development processes.
- Define and implement a formal SSDL framework based on NIST SSDF.
- Provide training and guidance to architecture, development, and QA teams.
- Align long-term goals with IEC 62443 compliance.
Ideal Qualifications
- Proven experience in cybersecurity compliance, preferably with EU regulations.
- Strong project management and cross-functional collaboration skills.
- Familiarity with standards such as NIST SSDF, BSI TR-03183-1, and IEC 62443.
- Experience with secure software development and vulnerability management.
- Excellent documentation and communication skills.
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your CV and details on file so when we see similar roles or see skillsets that drive growth in organisations, we will always reach out to discuss opportunities.
Yes. Even if this role isn’t a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.
That's why we recommend registering your CV so you can be considered for roles that have yet to be created.
Yes, we help with CV and interview preparation. From customised support on how to optimise your CV to interview preparation and compensation negotiations, we advocate for you throughout your next career move.