GRC Consultant

Headhunter: Next Ventures

Medical Devices

Utrecht - Netherlands

Senior Specialist / Project Manager

Experteer Overview

In this role you will design, implement, and operate an ISO/IEC 27001-aligned ISMS for a regulated medical device environment. You will partner with Quality, Regulatory Affairs, IT, and R&D to align security controls with ISO standards and medical device regulations. You’ll conduct risk assessments, support audits and regulatory inspections, and drive continuous improvement across governance, risk, and compliance. This is a hands-on consultancy that helps bridge security with product development and regulatory requirements, delivering measurable risk reduction.

Responsibilities

  • Implement, review, and maintain ISO/IEC 27001 and ISO 27002 controls
  • Develop and maintain ISMS documentation (policies, procedures, risk assessments, SoA)
  • Conduct information security risk assessments aligned with ISO 27005 and ISO 14971
  • Support internal audits, certification audits, and regulatory inspections
  • Align security controls with ISO 13485, FDA QSR (21 CFR 820), and IEC standards (IEC 62304, IEC 81001-5-1)
  • Support supplier and third-party security risk assessments
  • Track remediation actions, KPIs, and continuous improvement activities
  • Collaborate with Quality, Regulatory Affairs, IT, and R&D to integrate security with regulatory requirements

Key requirements

  • ISO/IEC 27001 Lead Implementer or Lead Auditor certification
  • Strong hands-on experience with ISO/IEC 27001 and ISO 27002
  • GRC consulting experience in regulated industries
  • Experience with ISO 13485 / FDA QSR (21 CFR 820)
  • Solid understanding of information security risk management frameworks
  • Experience supporting audits and compliance assessments
  • Medical device or healthcare cybersecurity experience
  • Familiarity with IEC 62304, IEC 81001-5-1, HIPAA, and/or GDPR
  • Experience with cloud environments and third-party risk management
  • Experience collaborating with R&D or product security teams
