Senior Consultant GRC / Digital Risk

Senior Consultant GRC / Digital Risk (all genders)

Standort: Munich

Come work with us

Netlight strives to be a truly diverse, equitable and inclusive organization. Regardless of who you are, what personality, background, and experience you have, you enrich our culture through your values. Netlight’s purpose is to unleash full potential, realize great careers, and fulfill personal growth. To achieve this, we have a highly engaged network organization, where every employee gets a mentor, delivery coach and personal communities. The key to our continued success is trust and personal responsibility, diverse experiences, challenging opportunities and developing from personal values. Every Netlighter is an active part of building and shaping this culture, which leads to a clear correlation between personal growth and the growth of Netlight.

About us

Netlight provides a full range of premium IT-consulting services at the forefront of the digital industry and stands out for its product- and technology-independent expertise in a wide range of industries and clients. We are a network organization of more than 2,000 role models making aspiring digital leaders successful in their business-critical IT projects. Netlight has been awarded several times as top employer, as well as for growth, continued profitability and engagement for diversity, equity and equality within the IT industry. Today we are growing all across Europe, currently with more than 12 active international offices.

Your Role

1. Governance & Compliance: You will advise on requirements stemming from standards and regulations such as ISO 27001, NIS2, DORA, SOC 2, ISO 62443, or ISO 9001, and support certification processes as well as internal and external audits.
2. Incident Management & Business Continuity: You will design and manage incident management plans, establish and execute business continuity and disaster recovery concepts, and coordinate the collaboration between various stakeholders in critical situations.
3. Assessments & Audits: You will plan and conduct comprehensive security evaluations—from compliance (e.g., for ISO 27001, SOC 2, DORA, NIS2) to technical security assessments, architecture audits, and technical due diligence—and document your findings in detailed reports for management and clients.
4. Leadership & Consulting: You will lead project teams, develop security concepts together with interdisciplinary teams (e.g., Cloud Security, Software Development, Compliance), and support sales through the creation of proposals and presentations.

What We’re Looking For

1. A completed degree in (Business) Informatics, Business Administration, or a comparable field with a focus on IT security.
2. At least 4–7 years of relevant professional experience in consulting, IT security, or compliance.
3. Practical knowledge of common security standards and frameworks such as ISO 2700x, NIS2, DORA, SOC 2, BSI IT-Grundschutz, NIST, or COBIT.
4. Solid expertise in risk management (e.g., ISO 27005) as well as experience in implementing GRC concepts and related measures.
5. The ability to design and implement incident management and business continuity processes.
6. Experience in leading small teams and coordinating interdisciplinary projects.
7. Analytical thinking, strong communication skills, and confidence when interacting with clients and stakeholders.
8. Excellent German and English skills (at least C1) and a willingness to travel nationwide.

What You Can Look Forward To

1. Challenging and varied projects in the fields of Governance, Risk, and Compliance as well as Information Security.
2. Collaboration with experts from a variety of areas (e.g., Cloud Security, Software Engineering, Pen testing).
3. Continuous opportunities for professional development through training, certifications, and internal knowledge-sharing sessions.
4. A flexible working model, the possibility of remote work (depending on the project), and attractive compensation packages.
5. An open, dynamic team with flat hierarchies and room for creative input.

Curious?

We look forward to receiving your application.

(This job advertisement is addressed to all genders. We value diversity and equal opportunities.)

DON’T BE SHY – GET IN TOUCH WITH US!

If we find that your profile matches what we are looking for, you will hear from us within two weeks of applying.

We're looking forward to hearing from you!