Information Security Officer responsible for managing ISMS and ensuring security measures at aedifion. Focused on integrating security into processes and conducting audits for compliance.
Responsibilities
ISMS operation & continuous improvement: Take sole responsibility for operating our ISO 27001-certified ISMS and drive its ongoing development through targeted process optimization.
Tool integration & automation: Select appropriate ISMS tools based on hands-on experience, implement them independently, and raise the level of automation by integrating them into existing IT infrastructures.
Security controls implementation: Independently implement technical and organizational security measures in close collaboration with IT, HR, Engineering and Finance, and seamlessly integrate them into business processes.
Audit & review management: Independently conduct internal, external and customer audits as well as management reviews, ensure successful recertifications and professionally guide customers through audit processes.
Awareness & training: Design and implement effective awareness and training programs that embed security awareness into the corporate culture long-term and drive measurable behavioral change.
Effectiveness monitoring & reporting: Monitor ISMS effectiveness through systematic analysis and meaningful KPIs, and produce compelling reports for management, employees and customers.
ISMS scaling: Flexibly adapt the ISMS to company growth and new regulatory requirements, ensuring sustainable scalability through intelligent architecture.
Requirements
Practical implementation experience: Extensive experience in independently establishing, operating and continuously improving ISMS in corporate environments, with proven success across multiple full implementation or optimization cycles.
Specific tool expertise: Deep hands-on experience with common ISMS tools from real-world corporate deployments, including independent selection, implementation and integration into existing IT landscapes.
ISO 27001 expertise: In-depth knowledge of ISO 27001 requirements with proven experience in successfully conducting initial and recertification audits as well as customer audits.
Certifications: ISO 27001 Lead Implementer or Lead Auditor, ideally complemented by CISSP, CISM or comparable certifications that substantiate your practical expertise.
Technical understanding: Solid IT knowledge and system administration skills to independently evaluate, implement and integrate technical security measures in cloud and on-premises environments.
Languages: Business-fluent written and spoken English for professional audits, precise documentation and international collaboration.
Benefits
Remote work: Structure your workday to suit your needs—with flexible hours, short core hours and the freedom to work from our modern Cologne office, remotely from anywhere in Germany, or up to 10 days per year from other European countries.
Long-term prospects: After the probationary period, we offer a permanent employment contract.
Well-being package: 30 days of annual leave, fresh organic fruit, regional coffee, free drinks and a monthly team breakfast to keep you energized.
Professional development: We support you with tailored training opportunities to advance your career.
Tech stack: You will receive modern work equipment of your choice—Microsoft or Apple—as well as high-quality noise-cancelling headphones for focused work.
Mobility package: Stay mobile: choose between the Deutschlandticket (Germany public transport pass) or a JobRad bike—for commuting or private use.
Pension benefits: Contributions to capital-forming benefits (VWL) or company pension schemes (bAV).
#teamaedifion: Regular team events, collaborative work on an equal footing, active knowledge sharing and flat hierarchies foster strong teamwork and open communication.
Dog-friendly office: Bring your dog to work—we welcome some animal support.
Senior Cybersecurity Consultant focusing on Governance, Risk and Compliance (GRC) at Datacom. Helping customers strengthen their security posture and align cybersecurity measures with business goals.
Entry-level Cybersecurity Consultant aiding in the delivery of cybersecurity services across client engagements. Develop skills in Governance, Risk and Compliance under experienced consultants’ guidance.
Cybersecurity Technician responsible for detecting and responding to security incidents at Telefónica Tech. Collaborating in a dynamic team while ensuring cybersecurity measures are effective.
Cybersecurity Consultant in Telefónica Tech conducting vulnerability assessments and leading remediation strategies. Collaborating with teams to prioritize security measures and enhance digital transformation.
Security Specialist ensuring compliance with security policies and procedures at AMERICAN SYSTEMS, a federal government contractor. Administering security programs, providing guidance, and managing eligibility programs.
Security Specialist at American Systems administering DoD and other industrial security programs. Providing guidance, support, and oversight for classified information protection and compliance.
IT Security Specialist responsible for day-to-day support of Hudbay’s IT security program and monitoring security risks. Collaborating on various projects to ensure security best practices are followed across the organization.
Cybersecurity Engineer specializing in Risk Management Framework operations and project management for federal clients. Role involves collaboration and leadership across multiple cybersecurity initiatives.
Manager overseeing Command Systems hardware engineering at Northrop Grumman. Driving hardware design, development, and integration for various defense projects.
Occupational Safety Technician conducting technical visits and training sessions for the preparation of the PGR and NRs. Working in the occupational safety area at the company Perfil Medicina.