Principle Consultant Cyber Sec

Job Specification : Information Security & GRC Consultants

Location : Germany (remote with travelling for client engagements)

Travel : Client engagements across Germany

Hiring Range : Senior Consultant to Principal Consultant

Salary : €70,000–€115,000 + up to €10,000 annual training budget

A rapidly scaling specialist security consultancy is expanding its permanent team following multiple long‑term project wins across the Financial Services, Pharma, and Defence sectors.

They are seeking experienced Information Security, GRC, and Technical Security professionals to support hands‑on delivery of security transformation programmes.

The consultancy is known for its deep technical expertise, strong client relationships, and commitment to internal development. With the company growing significantly, there are opportunities to specialise in sub‑domains such as SOC, SIEM, OT / ICs Security, DORA, and NIS2.

• Lead or support ISO 27001 initiatives, including ISMS design, gap assessments, risk treatment plans and internal audits.
• Deliver NIS2 readiness programmes (scoping, control design, maturity assessments, compliance documentation).
• Design and enhance GRC frameworks across DORA, KRITIS, BAIT / VAIT / MaRisk.
• Develop and implement policies, procedures, governance structures and operating models.
• Conduct security risk assessments, supplier due diligence and ongoing compliance monitoring.
• Support technical security activities, including remediation and hardening planning.
• Work with engineering teams on delivering practical security improvements across client environments.
• Contribute to SOC and SIEM uplift, use‑case development, threat detection and response improvement.
• Support OT / ICs security initiatives, including architecture reviews, assessments, and control implementation.
• Act as a trusted advisor to IT, Security, Risk, and Audit stakeholders.

• Background in Information Security, GRC, Cybersecurity Engineering or Technology Risk.
• Experience with at least one of the following frameworks: ISO 27001, NIS2, DORA, KRITIS, BAIT / VAIT / MaRisk.
• Strong understanding of security governance, controls, and risk management.
• Hands‑on experience in SOC / SIEM, technical security, or OT security is highly advantageous.
• Ability to engage effectively with stakeholders across complex organisations.
• C1-C2 German & English.

• Competitive salary: €70,000–€115,000 depending on level.
• €10,000 annual training and certification budget (SANS, ISO Lead Auditor, CISM, CISSP, OT security courses, etc.).
• Opportunities to specialise in emerging security domains as the company grows.
• Clear promotion pathways to management and senior leadership roles.
• Dynamic, delivery‑focused environment with high‑impact project exposure.