Key skills
Cyber SecurityAnalyticsRisk ManagementAccount Management
About this role
Role Overview
- Conduct information security risk assessments using established qualitative and/or quantitative methods
- Contribute to the development of security strategies and recommend corrective measures for small to medium-sized consulting engagements
- Support the development and implementation of security policies and procedures across the organization
- Ensure compliance with cybersecurity regulations and promote awareness by training employees on best practices
- Define and monitor functional and technical mitigation plans; perform methodological and technical oversight and data analytics
- Plan and lead sub-tasks or smaller workstreams of consulting projects and participate in medium-sized consulting engagements
- Independently apply consulting methodologies while documenting and presenting results internally and to clients
- Design and deliver awareness sessions and training for internal and external customers
- Improve existing processes and tooling within the area of responsibility
- Identify opportunities for additional customer support and forward them to the account management team (supporting cross
- and up-selling)
- Conduct internal audits to verify compliance and recommend improvements based on standardized checklists and guidelines
- Collaborate in the preparation of proposals and company presentations
- Take on functional and/or project-related responsibilities in projects (e.g., technical project planning, responsibility for sub-topics)
- Prepare required documentation and present work results
Requirements
- Knowledge of major security management frameworks (ISO/IEC 27000 series, BSI IT-Grundschutz, NIST CSF, IT/OT governance, ISO 31000)
- Understanding of security technologies, controls, and industry best practices
- Ability to maintain and update security policies, procedures, and standards
- Experience working on governance projects and security initiatives; experience with ISMS implementation is a plus
- Familiarity with regulatory requirements across industries (NIS2, GDPR, etc.) and experience with GRC platforms and risk management tools
- Ability to explain complex security concepts clearly to non-technical stakeholders
- Ability to advise customers on their requests and objectives within the project scope
- Cultural sensitivity for collaborating with international teams
- German and English: business proficiency required (spoken and written)
- Willingness to travel domestically and internationally
- Security clearance is required for this role or must be obtainable from the responsible authorities
Tech Stack
- Cyber Security
Benefits
- Mobile working and flexible working hours
- Competitive and attractive remuneration including special payments
- 30 days' holiday plus additional days off for special occasions
- Comprehensive onboarding with intensive induction and expert support
- Excellent training opportunities and strong career development prospects
- Attractive social benefits and offerings, including employer-funded pension scheme, employee share options, discounted car leasing, bike leasing, preferential insurance conditions, and employee discounts with partner companies
- On-site facilities (depending on location), e.g., canteen and cafeteria, gym, on-site kindergarten, company medical services and other health-related services