Position Overview:
We are seeking a highly experienced Cyber Security Compliance Specialist with extensive expertise in drafting, reviewing, and negotiating contracts, as well as a strong legal background in supplier assurance. This critical role supports our client in managing and enhancing the cybersecurity compliance of its suppliers and third-party partners, ensuring robust adherence to regulatory and contractual cybersecurity standards.
The ideal candidate will have deep experience in analyzing and revising complex contracts, enforcing compliance with the Network and Information Systems (NIS) Directive and Cyber Assessment Framework (CAF) standards, and collaborating with legal and procurement teams to embed rigorous cybersecurity requirements into supplier agreements.
Key Responsibilities:
Contract Drafting and Review
* Regularly review and update cybersecurity clauses in all supplier contracts to align with the latest NIS enhanced CAF (eCAF) standards, NIS 2 regulations, and industry best practices.
* Draft, negotiate, and implement contractual provisions that strengthen supplier and third-party compliance with cybersecurity obligations.
* Ensure all legal and contractual documentation adheres to cybersecurity regulations and mitigates potential risks effectively.
Supplier Cybersecurity Assurance
* Conduct comprehensive reviews of supplier risk assessments, contracts, and compliance documentation to evaluate cybersecurity adherence.
* Identify gaps in supplier compliance and collaborate with legal and procurement teams to design enforceable contractual remedies.
* Provide detailed recommendations for addressing cybersecurity deficiencies in supplier agreements.
Cybersecurity Compliance Audits and Monitoring
* Design and implement robust systems for ongoing supplier compliance monitoring, including regular audits and reviews.
* Ensure supplier adherence to contractual obligations by enforcing compliance mechanisms tied to cybersecurity standards.
Cross-Functional Collaboration
* Serve as the primary liaison between legal, risk management, procurement, and supplier teams to address cybersecurity compliance requirements.
* Lead negotiations and support the execution of cybersecurity-focused contractual changes, ensuring all agreements are aligned with regulatory expectations.
Legal and Regulatory Expertise
* Maintain up-to-date knowledge of the NIS Directive, NIS 2 regulations, and CAF requirements to ensure contracts are legally sound and compliant.
* Advise on and embed cybersecurity considerations into broader legal and risk management processes.
Qualifications and Skills:
* Proven and substantial experience in drafting, negotiating, and reviewing contracts with a focus on legal and compliance requirements.
* Strong knowledge of supplier risk management processes, including conducting thorough assessments and audits of supplier cybersecurity measures.
* Expertise in the NIS Directive, NIS 2 regulations, and Cyber Assessment Framework (CAF).
* Demonstrated ability to work collaboratively with legal, procurement, and risk management teams to implement effective supplier assurance strategies.
* Excellent written and verbal communication skills, with the ability to clearly articulate complex technical and legal cybersecurity requirements in a business context.
* Superior analytical skills to identify compliance gaps and design actionable, legally enforceable solutions within supplier contracts.