Job description
GRC Consultant (Freelance)
Seniority Levels: Junior (1-3y) | Mid (3-7y) | Senior (7y+)
Duration: Up to 4 years' workload
Location: 100% Remote (Must be based within the EU)
Role Overview
We are seeking four (4) GRC Experts to join a technical office service team delivering high-level
security consultancy for European Union Institutions. The primary focus of this mandate is the
end-to-end development and execution of IT Security Plans following the ITSRM2
methodology.
The successful candidates will balance technical security expertise with a deep understanding
of risk management frameworks to ensure the resilience of critical EU infrastructures.
Key Responsibilities
• IT Security Planning: Lead or support the development, documentation, and
implementation of comprehensive IT Security Plans.
• Risk Management: Execute risk assessments and security characterizations using the
ITSRM2 (IT Security Risk Management version 2) methodology.
• Compliance & Governance: Ensure all technical assets and processes align with EU-specific security requirements and standards.
• Tooling Integration: Utilize GRC platforms to track, monitor, and report on security
posture and risk mitigation progress.
• Stakeholder Liaison: Work independently to guide technical teams and institutional
stakeholders through the risk management lifecycle.
Requirements (Mandatory)
• EU Nationality: Only candidates with EU citizenship will be considered due to security
clearance requirements.
• IT Security Plans: Proven, hands-on experience in the creation and development of IT
Security Plans.
• Language: Full professional proficiency in English (C1/C2 level preferred; minimum B2).
• Security Clearance: Candidates must be eligible and willing to undergo EU Security Clearance vetting.
Advantageous Skills (Highly Valued)
• Methodology: Direct experience with ITSRM2 is highly advisable. (Familiarity with ISO
27005 or NIST RMF is a strong baseline).
• Tools: Previous experience using the GOVSEC tool and ServiceNow-GRC (IRM).
• Sector: Prior experience working with or for EU Institutions (Commission, Agencies,
etc.)
Conditions & Rates
• Type: Freelance / Contract.
• Junior (1-3 yrs): €300/day
• Mid-Level (3-7 yrs): €390/day
• Senior (7+ yrs): €450/day
Submission Instructions
To be considered, your CV must explicitly highlight:
1. Your experience in developing IT Security Plans.
2. Your familiarity or direct experience with the ITSRM2 methodology.