Cybersecurity Consultant

Red Alert Labs is a cybersecurity company dedicated to securing and certifying the IoT and connected products. We help manufacturers, integrators and regulators assess, improve and demonstrate the security and regulatory conformity of products with digital elements, including against the EU Cyber Resilience Act, EUCC, RED Delegated Act, ETSI EN 303 645, IEC 62443 and related schemes.

As a Cybersecurity Consultant at Red Alert Labs, you will support clients in understanding and meeting their security obligations, with an immediate, core focus on the landmark EU Cyber Resilience Act (CRA).

You will own defined workstreams end-to-end, including running gap assessments, building conformity roadmaps, performing risk assessments, and producing technical documentation, while scaling your autonomy and technical expertise across the broader connected-product compliance landscape.

What you will do

• Conduct regulatory gap assessments and build actionable conformity roadmaps for products with digital elements.
• Perform comprehensive product risk assessments, threat modeling, and vulnerability-handling reviews.
• Produce clear, evidence-driven technical reports and conformity documentation, translating complex technical findings into clear business impacts.
• Provide clear technical guidance to clients throughout the lifecycle of the engagement.
• Support pre-sales activities by providing technical insights to the commercial team for scoping and proposal development.
• Actively enrich the internal security and regulatory knowledge base while providing informal guidance to junior colleagues.
• Represent Red Alert Labs periodically at professional industry forums or specific client-facing events.

Qualifications

• Education: Master’s Degree (Bac+5 or equivalent) in cybersecurity, computer science, electrical/electronic or embedded engineering, or a related field.
• Language: French and English fluent (primary working languages); both oral and written.
• Experience: 2 to 6 years of experience in cybersecurity consulting, product security, certification/evaluation, or secure development.
• Knowledge of connected product security compliance, with familiarity with relevant frameworks such as CRA, RED Delegated Act, EUCC, ETSI EN 303 645, or IEC 62443.
• Regulatory gap assessments and actionable conformity roadmaps.
• Product risk assessments, IoT threat modeling, vulnerability handling and vulnerability management reviews.
• Secure Development Lifecycle (SDL), security objectives and control traceability.
• AppSec fundamentals including OWASP concepts, applied crypto and key management basics.
• Awareness of firmware and hardware security analysis.
• Evidence driven technical reporting, full evidence traceability, audit readiness.
• Strong communication skills, both written and verbal
• Customer-oriented mindset
• Team spirit and ability to collaborate effectively
• Adaptability in a fast-changing environment
• Problem-solving mindset
• Sense of ownership and accountability
• Ability to manage priorities and deliver results