We are seeking an GRC Consultant (Governance, Risk & Compliance) who can help us on a long term contract/b2b assignment working for a large Energy Company, who are based in Germany.

You can be located Europe-wide, have fluent English skills, you'll need to define & specify Compliance & Security as well as Risk with each Products located on their hybrid cloud platform.

Remote - with a 3 day block onsite per month in Berlin

Rate - is open

Availability: to start in October, no later than November

Duration: 3 months rolling for 12-18 months

Duties

Analysis of program structure and security context of the company
Lead workshops and discussions with stakeholders and domain experts
Align with technical and Compliance stakeholders on potential implications for security processes
Design security process requirements and the concept for the security & compliance support function

Experience

At least 2 years of working experience in the domain of information or cyber security
Strong background in governance, risk and compliance
Working expertise in KRITIS-relevant context
Strong understanding of information security frameworks, ISMS and security processes in general
Solid understanding of cloud-native paradigms, technologies and processes- Certificates such as CISA, CISSP, CISM are a strong plus