Mission Overview:
Keystone Solutions is seeking a consultant for a mission at a client site focused on establishing and structuring a NIS2 compliance program. The consultant will work closely with the internal Program Manager, providing expertise and support to ensure the successful implementation of the NIS2 framework.
Key Responsibilities:
-
Conduct a structured review of the existing NIS2 program based on available reports, self-assessments, gap analyses, and action plans.
-
Clarify the scope of intervention with stakeholders, including the consultant, sponsor, CISO, and GRC team.
-
Review the mapping of business activities, critical services, and internal and external dependencies, including suppliers, and their alignment with cyber risks.
-
Identify key focus areas of the program, elements needing clarification or consolidation, and leverage points for facilitating prioritization and management.
-
Identify quick wins to quickly revive compliance dynamics.
-
Define a risk-based methodological approach to prioritize actions based on real risks to essential activities.
-
Establish a Minimum Viable Compliance framework, including a clarified scope, defined governance, mapping of critical activities, prioritized action plan, and initial evidence elements.
-
Provide support, training, and guidance to the internal Program Manager to ensure sustainable management of the NIS2 program.
-
Develop a phased, iterative roadmap covering immediate actions, priority remediations, industrialization of management, and continuous improvement.
Objectives:
-
Enable the client to regain control of its NIS2 program, focusing efforts on real priorities and establishing a credible path towards sustainable compliance.
-
Quickly revive NIS2 compliance dynamics.
-
Structure clear governance and management of the program.
-
Prioritize actions based on cyber risks and essential activities.
-
Define a minimal, realistic, and demonstrable compliance foundation.
-
Enhance the autonomy of the internal Program Manager through expert support and knowledge transfer.
Expected Deliverables:
-
Framework and consolidation of the NIS2 program, including a mission framing note and confirmation of scope with stakeholders.
-
Structured synthesis of existing elements: reports, self-assessments, gap analyses, governance documents, action plans, and available evidence.
-
Mapping of criticality and prioritization by risks, including a review of existing business mapping and alignment with critical services.
-
Methodological approach for risk-based prioritization and Minimum Viable Compliance.
-
Improvement plan and phased roadmap for managing the NIS2 program.
-
Support for the internal Program Manager, including coaching and knowledge transfer sessions.
-
Periodic progress reports and a final presentation to management, including program status, priorities, and proposed trajectory.
Profile Required:
The consultant should have proven experience in supporting significant entities regarding NIS2 and the CYFUN Framework, ideally in the public sector. Required qualifications include:
-
Confirmed experience in cybersecurity governance, NIS2 compliance, risk management, and structuring compliance programs.
-
Knowledge of digital and public service environments.
-
Expected certifications: CISSP, CISM, and ISO 27001 Senior Lead Implementer, or demonstrable equivalents.
-
Ability to support an internal Program Manager, train stakeholders, and produce executive deliverables for management.
Mission Details:
Role: NIS2 expert consultant supporting the internal Program Manager without taking on the interim Program Manager role. The estimated duration is flexible, with a suggested rhythm of 1 to 2 days per week, with the possibility of increased support at the start or spread over time based on program priorities.
Keystone Solutions Advantages:
-
Consultancy Nature: Engage in on-site work as a consultant, representing Keystone Solutions.
-
Dynamic Projects: Work on diverse challenges across various client environments.
-
Turbo-Charged Learning: Experience professional development and broad learning opportunities.
-
Skyrocketing Ambition: Commit to career growth within the framework of Keystone Solutions.
-
Values: As a
If you are ready to tackle technical and strategic challenges in a dynamic consultancy environment, apply today .
Duration: 01/08/2026 - 31/12/2026 5 months • (part time 2/5)
Skills required:
-
Cyber Security - Level: Expert - Most recent: This year
-
ISO 27001:2005 - Level: Expert - Most recent: This year
-
Risk Management - Level: Expert - Most recent: This year
Language requirements:
Dutch or French
Level Full professional proficiency
English
Level Nice to have