Assisting with the maintenance and execution of unified, product‑focused control frameworks integrating SOC2, EU AI Act, EU Cyber Resilience Act, and other relevant regulatory expectations for digital products
Assisting in preparing evidence, coordinating with product teams, tracking remediation, and ensuring audit preparedness for Cordant and Inspection Works certifications
Preparing standardized, reusable product evidence packs covering SOC2, AI Act/CRA applicability, security architecture, privacy metadata, and other product compliance artifacts
Operating within the structured engagement model for product‑related customer audits, RFP questionnaires, compliance surveys, and security assessments, ensuring high‑quality, complete, and timely responses
Supporting the execution of assessments of product‑level compliance requirements under SOC2, NIS2 (product‑relevant dependencies), EU AI Act, and EU CRA, driving clarity on product‑specific obligations and gaps
Collaborating with product engineering, cybersecurity, and architecture teams to gather evidence, clarify control ownership, and ensure product lifecycle decisions align to governance expectations.
Preparing concise reports summarizing certification readiness, customer audit trends, evidence maturity, and cross‑product compliance risks for review by IET leadership and GRC HQ

Have a bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, or equivalent experience
Have a familiarity with NIST CSF 2.0 and ISO/IEC 27001 or equivalent framework
Have a collaborative working style and ability to partner effectively with product managers, architects, product cyber, and GRC HQ
Have experience building structured evidence repositories and certification playbooks
Be a proactive problem solver with attention to accuracy, traceability, and governance discipline
Work comfortably across multiple products with varying maturity and regulatory scope.

Senior Digital Technology Specialist – Regulatory Compliance

Key skills