Moss
Information Security GRC Lead(m/w/x)
Vollzeitmit HomeofficeBerufserfahren
Berlin
Neuer Job?Nejo!
Dein persönlicher KI-Karriere-Agent
SESecfix
Information Security Specialist (German-speaking)(m/w/x)
Berlin
VollzeitFreelanceRemoteBerufserfahren
AI/ML
Data Science
Nejo KI-Zusammenfassung
Managing compliance lifecycle for a platform serving European startups and SMBs, assessing tech stack posture across cloud and container environments. Experience leading ISO 27001 certification projects required. Generous equity package, €1,000 annual development budget, remote workspace budget.
Anforderungen
- Fluency in German (C1/C2) and English
- Fluency in German (C1/C2) and English
- 3+ years of hands-on information security and GRC experience
- Experience leading ISO 27001 certification projects
- Hands-on experience with a GRC platform—Secfix or similar
- Cloud infrastructure readiness across AWS, Azure, and GCP
- Experience automating internal processes and building prototypes
- SOC 2 implementation and audit experience
- Experience acting as DPO
Aufgaben
- Own the compliance lifecycle from onboarding to certification and continuous compliance
- Scope controls and drive risk treatment, evidence, and gap closure
- Draft customer roadmaps for security improvements
- Lead audits to ensure a clean pass as the primary security contact
- Assess tech stack posture and map controls to AWS, Azure, GCP, Kubernetes, Docker, and Terraform
- Draft new best practices for security
- Prioritize actionable remediation with clear timelines
- Tailor security programs across ISO 27001, SOC 2, NIST, and other frameworks
- Align security requirements to each customer's environment and objectives
- Build and run runbooks, templates, QA, and knowledge base
- Communicate with executives and represent Secfix in select public forums
- Translate frontline insights into clear requirements for the AI product
- Collaborate with Product and Engineering to prioritize and ship features
- Lead customer-side audits, confidently answering auditor questions
- Build and automate new internal processes
- Draft security policies and custom security documents
- Answer security questionnaires and cross-map controls
- Get onboarded into new regulations or infosec standards
- Create lists of relevant cloud security hardening tasks for AWS, Azure, and GCP
Berufserfahrung
- 3 Jahre
Ausbildung
- Abgeschlossene BerufsausbildungODER
- Bachelor-AbschlussODER
- Master-Abschluss
Sprachen
- Deutsch – verhandlungssicher
- Englisch – verhandlungssicher
Tools & Technologien
- AWS
- Azure
- GCP
- Secfix
Benefits
Attraktive Vergütung
- Generous equity package
Gesundheits- & Fitnessangebote
- Health insurance
Weiterbildungsangebote
- €1,000 annual personal development budget
Flexibles Arbeiten
- Remote workspace budget
Modernes Büro
- Access to co-working spaces
Team Events & Ausflüge
- Annual retreat
- Company-wide events
Moderne Technikausstattung
- Latest tech equipment
Mentoring & Coaching
- Direct access to world-class mentors
Die Originalanzeige dieses Stellenangebotes in der aktuellsten Version findest du hier. Nejo hat diesen Job automatisch von der Website des Unternehmens Secfix erfasst und die Informationen auf Nejo mit Hilfe von KI für dich aufbereitet. Trotz sorgfältiger Analyse können einzelne Informationen unvollständig oder ungenau sein. Bitte prüfe immer alle Angaben in der Originalanzeige! Inhalte und Urheberrechte der Originalanzeige liegen beim ausschreibenden Unternehmen.
Gefällt dir diese Stelle?
BetaDein Career Agent findet täglich ähnliche Jobs für dich.
Noch nicht perfekt?
- Kertos GmbH
Information Security Expert(m/w/x)
Vollzeitmit HomeofficeBerufserfahrenBerlin - Delos Cloud
ISMS Expert(m/w/x)
Vollzeitmit HomeofficeBerufserfahrenEschborn, Berlin, Walldorf, Frankfurt am Main, München, Leipzig, Rheda-Wiedenbrück - Shiftmove
(Senior) Information Security Officer(m/w/x)
Vollzeitmit HomeofficeBerufserfahrenBerlin
SESecfix
Information Security Specialist (German-speaking)(m/w/x)
Berlin
VollzeitFreelanceRemoteBerufserfahren
AI/ML
Data Science
Nejo KI-Zusammenfassung
Managing compliance lifecycle for a platform serving European startups and SMBs, assessing tech stack posture across cloud and container environments. Experience leading ISO 27001 certification projects required. Generous equity package, €1,000 annual development budget, remote workspace budget.
Anforderungen
- Fluency in German (C1/C2) and English
- Fluency in German (C1/C2) and English
- 3+ years of hands-on information security and GRC experience
- Experience leading ISO 27001 certification projects
- Hands-on experience with a GRC platform—Secfix or similar
- Cloud infrastructure readiness across AWS, Azure, and GCP
- Experience automating internal processes and building prototypes
- SOC 2 implementation and audit experience
- Experience acting as DPO
Aufgaben
- Own the compliance lifecycle from onboarding to certification and continuous compliance
- Scope controls and drive risk treatment, evidence, and gap closure
- Draft customer roadmaps for security improvements
- Lead audits to ensure a clean pass as the primary security contact
- Assess tech stack posture and map controls to AWS, Azure, GCP, Kubernetes, Docker, and Terraform
- Draft new best practices for security
- Prioritize actionable remediation with clear timelines
- Tailor security programs across ISO 27001, SOC 2, NIST, and other frameworks
- Align security requirements to each customer's environment and objectives
- Build and run runbooks, templates, QA, and knowledge base
- Communicate with executives and represent Secfix in select public forums
- Translate frontline insights into clear requirements for the AI product
- Collaborate with Product and Engineering to prioritize and ship features
- Lead customer-side audits, confidently answering auditor questions
- Build and automate new internal processes
- Draft security policies and custom security documents
- Answer security questionnaires and cross-map controls
- Get onboarded into new regulations or infosec standards
- Create lists of relevant cloud security hardening tasks for AWS, Azure, and GCP
Berufserfahrung
- 3 Jahre
Ausbildung
- Abgeschlossene BerufsausbildungODER
- Bachelor-AbschlussODER
- Master-Abschluss
Sprachen
- Deutsch – verhandlungssicher
- Englisch – verhandlungssicher
Tools & Technologien
- AWS
- Azure
- GCP
- Secfix
Benefits
Attraktive Vergütung
- Generous equity package
Gesundheits- & Fitnessangebote
- Health insurance
Weiterbildungsangebote
- €1,000 annual personal development budget
Flexibles Arbeiten
- Remote workspace budget
Modernes Büro
- Access to co-working spaces
Team Events & Ausflüge
- Annual retreat
- Company-wide events
Moderne Technikausstattung
- Latest tech equipment
Mentoring & Coaching
- Direct access to world-class mentors
Die Originalanzeige dieses Stellenangebotes in der aktuellsten Version findest du hier. Nejo hat diesen Job automatisch von der Website des Unternehmens Secfix erfasst und die Informationen auf Nejo mit Hilfe von KI für dich aufbereitet. Trotz sorgfältiger Analyse können einzelne Informationen unvollständig oder ungenau sein. Bitte prüfe immer alle Angaben in der Originalanzeige! Inhalte und Urheberrechte der Originalanzeige liegen beim ausschreibenden Unternehmen.
Gefällt dir diese Stelle?
BetaDein Career Agent findet täglich ähnliche Jobs für dich.
Über das Unternehmen
Secfix
Branche
IT
Beschreibung
The company is building the leading compliance automation platform for startups and SMBs in Europe.
Noch nicht perfekt?
- Moss
Information Security GRC Lead(m/w/x)
Vollzeitmit HomeofficeBerufserfahrenBerlin - Kertos GmbH
Information Security Expert(m/w/x)
Vollzeitmit HomeofficeBerufserfahrenBerlin - Delos Cloud
ISMS Expert(m/w/x)
Vollzeitmit HomeofficeBerufserfahrenEschborn, Berlin, Walldorf, Frankfurt am Main, München, Leipzig, Rheda-Wiedenbrück - Shiftmove
(Senior) Information Security Officer(m/w/x)
Vollzeitmit HomeofficeBerufserfahrenBerlin