Red Alert Labs is a cybersecurity company dedicated to securing and certifying the IoT and connected products. We help manufacturers, integrators and regulators assess, improve and demonstrate the security and regulatory conformity of products with digital elements, including against the EU Cyber Resilience Act, EUCC, RED Delegated Act, ETSI EN 303 645, IEC 62443 and related schemes.
As a Cybersecurity Consultant, you will support clients in understanding and meeting their security obligations, with an immediate, core focus on the landmark EU Cyber Resilience Act (CRA).
You will own defined workstreams end-to-end, including running gap assessments, building conformity roadmaps, performing risk assessments, and producing technical documentation, while scaling your autonomy and technical expertise across the broader connected-product compliance landscape.
Conduct regulatory gap assessments and build actionable conformity roadmaps for products with digital elements.
Perform comprehensive product risk assessments, threat modeling, and vulnerability-handling reviews.
Produce clear, evidence-driven technical reports and conformity documentation, translating complex technical findings into clear business impacts.
Provide clear technical guidance to clients throughout the lifecycle of the engagement.
Support pre-sales activities by providing technical insights to the commercial team for scoping and proposal development.
Actively enrich the internal security and regulatory knowledge base while providing informal guidance to junior colleagues.
Represent Red Alert Labs periodically at professional industry forums or specific client-facing events.
Education: Master’s Degree (Bac+5 or equivalent) in cybersecurity, computer science, electrical/electronic or embedded engineering, or a related field.
Language: French and English fluent (primary working languages); both oral and written.
Experience: 2 to 6 years of experience in cybersecurity consulting, product security, certification/evaluation, or secure development.
Connected product security compliance: CRA, RED Delegated Act, EUCC, ETSI EN 303 645, IEC 62443.
Regulatory gap assessments and actionable conformity roadmaps.
Product risk assessments, IoT threat modelling, vulnerability handling and vulnerability management reviews.
Secure Development Lifecycle (SDL), security objectives and control traceability.
AppSec fundamentals including OWASP concepts, applied crypto and key management basics.
Awareness of firmware and hardware security analysis.
Evidence driven technical reporting, full evidence traceability, audit readiness.
Strong communication skills, both written and verbal
Customer-oriented mindset
Team spirit and ability to collaborate effectively
Adaptability in a fast-changing environment
Problem-solving mindset
Sense of ownership and accountability
Ability to manage priorities and deliver results
First interview: Motivation, personality, and general fit discussion
Knowledge test: A knowledge assessment to complete before the second interview
Second interview: Discussion around your test, technical knowledge, and role expectations
Final interview: Final discussion with management and alignment on collaboration
