Information Security Specialist (German-speaking)
S
SecfixSecurity
Europe, CET ±2hFull-TimeMiddle
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Languages
- German, English
- Experience
- 3+ years
- Required Skills
- AWSDockerGCPKubernetesAzureTerraform
Requirements
- German (C1/C2)
- English (fluent)
- 3+ years of hands-on information security and GRC experience
- Ideally with Big 4 consulting or in-house audit at a high-growth SaaS
- Led 3+ successful ISO 27001 certification projects as an implementer and/or auditor
- Hands on experience with a GRC platform (Secfix, or similar)
- Cloud infrastructure readiness across AWS, Azure, and GCP
- Experience with posture analysis and remediation planning
Responsibilities
- Own the compliance lifecycle: run onboarding → certification → continuous compliance; scope controls (SoA), drive risk treatment, evidence and gap closure; draft customer roadmaps; lead audits to a clean pass as the primary security point of contact.
- Harden tech stack: assess posture and map controls to AWS/Azure/GCP, Kubernetes/Docker/Terraform; draft new best practices; prioritize actionable remediation with clear timelines.
- Apply deep framework expertise: tailor programs across ISO 27001, SOC 2, NIST, and more frameworks, aligning requirements to each customer’s environment and objectives.
- Scale delivery & represent Secfix: build/run runbooks, templates, QA, and knowledge base; communicate with executives and, when needed, represent Secfix in select public forums.
- Shape the AI product & platform: turn frontline insights into crisp requirements; partner with Product and Engineering to prioritize and ship features that accelerate evidence, controls, and remediation.
View Full Description & ApplyYou'll be redirected to the employer's site
