[Hiring] Cybersecurity Governance & Assessment Consultant @WLG

Role Description

We are supporting NATO in the delivery of a major enterprise cybersecurity governance initiative and are looking for an experienced Cybersecurity Governance, Risk & Compliance Consultant to support the annual NATO Cybersecurity Scorecard programme. This role combines cybersecurity assessments, stakeholder engagement, data analytics, maturity evaluations, and executive reporting within one of the world's most complex multinational environments.

• Conduct cybersecurity maturity assessments across NATO entities
• Facilitate interviews, workshops, and assessment sessions with stakeholders
• Coordinate annual cybersecurity scorecard activities
• Analyze cybersecurity performance and maturity data
• Develop cybersecurity metrics, KPIs, and reporting frameworks
• Create analytical dashboards and visualizations using Power BI
• Consolidate assessment findings and prepare executive-level reports
• Support continuous improvement of cybersecurity governance methodologies
• Present findings and recommendations to senior NATO stakeholders

Qualifications

• Minimum 5 years of cybersecurity experience
• Experience in cybersecurity governance, risk management, compliance, or maturity assessments
• Strong understanding of:
  • Cyber Incident Management
  • Cyber Threat Intelligence
  • Enterprise Risk Management
  • Defensive Cyber Operations
• Experience developing cybersecurity metrics, KPIs, scorecards, or performance measurement frameworks
• Strong data analysis and reporting skills
• Power BI experience
• Experience facilitating workshops, assessments, or stakeholder interviews
• Excellent written and verbal communication skills
• Ability to work independently with minimal supervision

Requirements

• Highly Desirable:
  • NIST CSF
  • ISO 27001
  • NIS2
  • Cybersecurity maturity frameworks
  • Government, defence, or critical infrastructure experience
  • NATO experience
  • CISSP, CISM, CRISC, ISO27001 Lead Implementer or similar certifications

Benefits

• Primarily remote delivery
• Regular presence at NATO Headquarters in Brussels
• Occasional travel to NATO entities across member countries
• NATO Secret clearance required
• Strategic enterprise-wide cybersecurity programme

Why This Role Is Interesting

This is not a traditional GRC position focused on documentation. You will directly influence how cybersecurity maturity is measured, assessed, and reported across NATO organizations while working with senior stakeholders across multiple nations.