Info Security Compliance Senior Specialist (f/m/d)

About Delos Cloud
Delos Cloud, a start-up founded by SAP, strives to deliver a sovereign cloud platform for the digital transformation of the German public sector. The platform is an essential component for the implementation of the German Administrative Cloud Strategy (DVS), complying with all relevant data protection, IT security, and secrecy requirements of the BSI. Delos Cloud is a trusted partner of federal, state, and local IT service providers, complementing their service portfolio. Exciting and varied tasks await in this innovative and meaningful environment. For more information, please visit: www.deloscloud.de

SAP established Delos Cloud to provide a vendor- and solution-neutral sovereign cloud, accelerating the digital transformation of public services in Germany. The platform meets the strict national requirements set by the German Government’s multi-cloud strategy, with a focus on sovereignty and security.

Your Future Role & Responsibilities

• Develop and implement a comprehensive compliance program to ensure adherence to relevant laws, regulations, and industry standards.
• Develop and maintain the Delos Cloud Multi-Compliance Framework and related processes, integrating them into the overarching Management System landscape and Enterprise GRC strategy.
• Support and guide Delos Cloud functional units during the implementation of the Multi-Compliance Framework.
• Stay updated on changes in laws and regulations impacting the company's operations, incorporate these into the compliance framework, and communicate them to stakeholders.
• Steer the development and maintenance of the Delos Cloud Policy Framework based on a Multi-Compliance approach with a strong focus on IT security.
• Ensure quality and consistency within the entire policy framework and related documentation, such as standards, procedures, and guidelines.
• Collaborate with internal departments to develop and update policies, procedures, and controls to ensure compliance.
• Prepare and submit reports to regulatory bodies, senior management, and other stakeholders.
• Maintain the Delos Cloud Policy SharePoint and perform framework release management.

Profile & Required Skills

• Excellent understanding of compliance auditing practices and methodologies, e.g., ISAE 3000, SOC 1/SOC, ISO 22301.
• Strong knowledge of Management Systems pursuing an integrated approach, e.g., ISO 27001 (ISMS), ISO 9001 (QMS), ISO 50001 (ENMS), BSI Standards.
• Good understanding of German IT security laws and regulations, such as BSI IT-Grundschutz, C5, ISO 27001, including strategies, processes, and services.
• Deep experience in writing and maintaining policies based on official regulations.
• Focus on process development, quality, and results.
• Excellent theoretical and practical knowledge of IT processes and underlying policies.
• Certifications like CISA, CISM, GCFA, GCIH, GCIA, GNFA, GREM, GCCC, or Security+ are assets.
• Strong teamwork and collaboration skills.
• Fluent in German and English, both written and oral.
• Minimum of 5 years of professional experience in Compliance (IT Audit, Governance, Risk, Compliance, IT Operations), risk management, or policy management.
• Experience in security operations and coordinating contracted third-party resources.