Principal Product Security & Regulatory Readiness Lead

England

Negotiable

Contract

Ref: PPSRRL 1_1774364966

Principal Product Security & Regulatory Readiness Lead | Remote | Contract | Europe / UK | 6 months (strong possibility of extension)

We're looking for a senior cybersecurity leader to drive alignment with the EU Cyber Resilience Act (CRA) and NIS2 across a global product portfolio.

This is a high-impact contract role where you'll shape security architecture, compliance strategy, and regulatory readiness without slowing down engineering delivery.

What you'll be doing:


* Lead CRA & NIS2 readiness across products
* Translate regulatory requirements into engineering controls & architecture
* Define product classification & conformity pathways
* Build audit-ready documentation & evidence frameworks
* Establish incident reporting workflows (24h / 72h timelines)
* Drive SBOM, supply chain security, and lifecycle governance
* Partner with Product, Legal, Engineering & Exec stakeholders

What we're looking for:

* 12+ years in product security / security architecture / cyber leadership
* Strong experience with secure SDLC & governance in SaaS/cloud
* Proven ability to turn regulation into practical engineering solutions
* Exposure to frameworks like CRA, NIS2, GDPR, DORA (preferred)
* Expertise in SBOM, vulnerability management, PSIRT

If this sounds like a fit, APPLY NOW!

Oscar Associates (UK) Limited is acting as an Employment Business in relation to this vacancy.

To understand more about what we do with your data, please review our privacy policy in the privacy section of the Oscar website.

Apply today.