Senior GRC Implementation Specialist – NIS2 & CyberFundamentals

Our client, a leading public-sector organization, is seeking a specialist to drive the operationalization of a newly acquired GRC platform. This role involves transforming regulatory frameworks into functional systems by mapping controls and structuring documentation within a greenfield environment.

• Lead the operationalization of the GRC platform from initial setup to a live environment.
• Map NIS2 and CyberFundamentals (CyFun) requirements onto the platform's control structure.
• Inventory and normalize compliance documentation, including policies, procedures, and evidence.
• Configure the platform’s control catalogue, document repository, and workflows to reflect actual GRC processes.
• Design a logical taxonomy for content management to ensure long-term navigability and scalability.
• Identify documentation gaps against regulatory frameworks and coordinate with owners to address them.
• Support initial reporting and evidence cycles to validate the effectiveness of the platform setup.

• 8+ years of hands-on experience in GRC implementation with NIS2 and CyberFundamentals (CyFun).
• You have experience configuring and populating GRC platform tools, including control catalogues and evidence linking.
• You're skilled at structuring and normalizing complex documentation into tool-ready formats.
• You bring a Bachelor’s or Master’s degree in IT, information security, or a related field.
• You are proactive and capable of driving projects independently with limited internal support.
• You are fluent in Dutch with a very good level of English.

Nice to Haves

• Familiarity with ISO 27001 and ISO 27002.
• Prior experience with public-sector or government environments.
• Previous involvement in NIS2 readiness or CyFun implementation projects.

• Start date: ASAP
• Duration: until 31/12/2026
• Work regime: Full-time
• Location: Antwerp
• Working model: Hybrid
• Contract: open to both permanent employees and freelancers