GRC Consultant (NIS2) – 6-month contract

About the role

We are seeking a GRC Consultant to lead a 6‑month NIS2 remediation programme for a leading cybersecurity practice in Dublin. The consultant will design and implement a structured compliance roadmap, strengthen governance, and embed robust cybersecurity controls across IT, OT and cloud environments.

Key responsibilities

• Lead the development and execution of a structured NIS2 compliance roadmap, identifying and remediating gaps in governance, processes and controls.
• Oversee the enterprise cyber programme, coordinating initiatives across business and technology domains to ensure consistent protection for IT, OT and cloud assets.
• Establish cyber governance frameworks, decision‑making forums and implement policies, standards and controls aligned with regulatory requirements.
• Drive centralised cyber risk management and compliance activities.
• Define baseline security architecture and support implementation of key controls such as IAM, monitoring and vulnerability management, contributing to secure system design.
• Build and embed a supplier security and risk framework, integrating cyber requirements into procurement and contracts.
• Design and implement incident response processes, establish monitoring and alerting capabilities, and coordinate response activities with internal teams and external partners.

Required profile

• Proven experience delivering GRC programmes within regulated environments.
• Strong understanding of NIS2 and related European regulatory frameworks.
• Experience in risk management, governance and compliance remediation.
• Broad exposure to enterprise security domains, including IT, OT and cloud.
• Ability to operate at programme level and engage senior stakeholders.

Required skills

• Identity and Access Management (IAM)
• Monitoring solutions
• Vulnerability Management
• Security Architecture design
• IT, OT and Cloud environments