
Information Security Lead, Risk and Compliance Consultancy
Posted May 20

This is a fully remote position, open to applicants in Germany.
• Lead the vision, scope, and strategic roadmap for security and risk initiatives across multiple platforms and product domains.
• Supervise the transition of security protocols from the initial design stage to sustainable operational implementation.
• Guide the efforts of technical experts and analysts to guarantee that architectural designs meet risk and security standards.
• Serve as the primary authority on cross-domain security decisions and the main liaison for senior stakeholders.
• Create and uphold governance models that establish clear roles, responsibilities, and interactions between technical teams and compliance functions.
• Balance regulatory requirements with technical practicality to provide actionable advice for delivery teams.
• Ensure uniform adoption of security architecture principles and patterns throughout the entire infrastructure.
• Align technical domains with both internal and external standards, converting complex regulations into actionable procedures.
• Manage the effects of regulatory changes on architecture and project delivery schedules.
• Cultivate long-term capabilities through knowledge-sharing, training, and promoting a "security by design" mindset.
• Proven track record of owning and driving enterprise-wide security, compliance, and risk programs across various products or platforms.
• Strong ability to define vision, scope, roadmaps, and success metrics for intricate cross-domain initiatives.
• Capacity to lead initiatives from initial analysis to transition into operational or business-as-usual organizations.
• In-depth knowledge of regulatory, compliance, and risk management frameworks pertinent to large enterprises.
• Significant experience managing the impact of regulations on architecture, processes, and delivery timelines.
• Demonstrated ability to ensure consistent interpretation and application of compliance and security standards across products and teams.
• Practical experience in designing and overseeing compliance and security controls across both technical and procedural domains.
• Solid foundation in security architecture, encompassing platform, product, and integration-layer security.
• Experience in defining, approving, and enforcing security principles, patterns, and secure design methodologies.
• Ability to translate abstract compliance and risk mandates into actionable technical specifications.
• Experience in validating and consolidating contributions from Technical Subject Matter Experts (SMEs) and Security Analysts into a cohesive target architecture.
• Capability to understand, assess, and challenge technical designs and architectures without being the hands-on implementer.
• Proven experience aligning security architecture across various platforms and product lines.
• Demonstrated experience in defining governance frameworks, operational models, and decision-making forums.
• Experience integrating security and compliance reviews into development and delivery cycles.
• Strong ability to act as the primary liaison between technical leadership and Governance, Risk, and Compliance (GRC) stakeholders.
• Proven experience representing security and compliance matters in senior steering committees and executive meetings.
• Exceptional communication skills to align diverse stakeholders with competing priorities.
• Experience in building sustainable security and compliance capabilities, beyond mere project outcomes.
• Proven ability to embed a culture of “security and compliance by design” into organizational standards.
• Fluent in English in both speaking and writing (minimum C1 level).
• Flexible working hours
• Freedom to select your own projects
• Access to exciting projects across various industries
• Competitive salary
• Dedicated team support