Senior Consultant, ISMS Auditor

This is a fully remote position, open to applicants in Germany.

📋 Description

• Development and enhancement of Information Security Management Systems (ISMS)

• Design and maintenance of ISMS in accordance with ISO 27001, BSI IT-Grundschutz, or TISAX

• Support and conduct security audits and assessments

• Perform cyber risk evaluations

• Design and deliver training sessions, workshops, and awareness campaigns

• Prepare security analyses for IT and cyber-related projects

• Conduct assessments, audits, and reviews, including ISMS, NIS2, KRITIS, DORA, and BSI IT-Grundschutz

• Classify information and determine protection requirements

• Develop strategies for prevention and defense against threats and attacks

• Provide advice to clients on the selection, implementation, and operation of IT security solutions

⛳️ Requirements

• Degree in (Business) Computer Science, Business Administration, or a comparable qualification, or several years of relevant professional experience

• Strong professional and project experience in cyber security, information security, and incident/emergency management

• Familiarity with at least one area such as Cloud Security, SIEM, security testing, vulnerability management, incident management, or Identity & Access Management

• Knowledge of standardized frameworks and guidelines such as BSI IT-Grundschutz, ISO 2700x, B3S, ISO 31000, etc.

• Understanding of BCM, GDPR, NIS2, KRITIS, and other standards (NIST, COBIT 2019, ISO 9000/20000 series) is a plus

• Ideally: proof of expertise through relevant certifications (e.g., IT-Grundschutz Practitioner/Consultant/Auditor, ISO 27001 Auditor, ISO/CISO, CISSP, TISP, CISA, CISM, CSP, ISP, etc.)

• Proficient in both German and English, with excellent written and spoken communication skills

🏝️ Benefits

• 30 days of annual leave and the opportunity for workation

• Flexibility: above-average work-life balance through adaptable working models (50–100% employment)

• Company supplemental health insurance

• Personalized onboarding and training opportunities (especially certification paths according to a tailored development plan) with career prospects for long-term collaboration, including in an international context

• Flat organizational structure