Consultant, Information Security

This is a fully remote position, open to applicants in Germany.

📋 Description

• Providing guidance on the establishment and enhancement of ISMS and BCMS across diverse industries and company sizes.

• Offering advice on the integration and execution of regulatory obligations stemming from the BSI Act, the KRITIS umbrella law, DORA, and additional standards.

• Designing and implementing risk analyses and treatment strategies aimed at ensuring effective control (KPIs, roadmaps, prioritization).

• Formulating concepts and policies for clients operating in regulated sectors (KRITIS, NIS-2, KRITIS umbrella law).

• Carrying out internal audits and assisting clients during the certification processes for ISO 27001 and/or TISAX.

• Planning and executing emergency/exercise drills.

• Engaging in internal projects, organizing and structuring our collective expertise, and advancing our consulting methodology.

⛳️ Requirements

• A minimum of 3 years of hands-on experience in a management consultancy focusing on information and IT security.

• A university degree or equivalent experience in one or more of our core areas, such as IT security, (business) computer science, business administration, or security management.

• Familiarity with standards and methodologies: Required: ISO 27001, ISO 22301, TISAX.

• Optional: ISO 27031, DORA, BSI IT-Grundschutz, etc.

• Desirable (not mandatory): CISM/CISA, ISO 27001 Auditor, external CISO/Information Security Officer, IT-Grundschutz practitioner/consultant, Certified ITSC-Manager, etc.

• Capacity to establish and maintain long-term client relationships on an equitable basis.

• Eagerness to independently assume project and client responsibilities.

• A practical mindset with the ability to articulate information security requirements into clear, prioritized actions.

• Excellent self-organization skills and a structured, analytical approach to topics.

• A collaborative team player mentality.

• Proficient German language skills; good English language proficiency.

🏝️ Benefits

• Corporate fitness program

• Team events: because “we” is more than just a word.