Governance, Risk & Compliance | Remote / Frankfurt am Main | Full-time
GRC Analyst
Support clients with ISO 27001, SOC 2, and NIS2 compliance. Conduct risk assessments and develop security policies.
Your Responsibilities
- Conduct compliance assessments against ISO 27001, SOC 2, TISAX, and NIS2
- Perform risk assessments and develop risk treatment plans
- Develop and review security policies, standards, and procedures
- Support clients through certification audits
- Create compliance documentation and evidence packages
- Track regulatory changes and advise clients on implications
Requirements
- 2+ years of experience in GRC, audit, or information security
- Strong knowledge of ISO 27001, SOC 2, or similar frameworks
- Experience conducting risk assessments
- Excellent documentation and analytical skills
- Strong communication skills in German and English
- Relevant certifications (ISO 27001 Lead Auditor, CISA) are a plus
Nice to have
- Experience with NIS2 or KRITIS requirements
- Knowledge of automotive security standards (TISAX, ISO 21434)
- Familiarity with GRC tools (ServiceNow, OneTrust, etc.)
- Background in internal audit or Big 4 consulting
What we offer
- Competitive salary with performance bonus
- 30 days vacation + flexible working hours
- Remote-first with optional Frankfurt am Main office
- Annual learning budget (€5,000) and conference attendance
- Latest tech equipment of your choice
- Regular team events and offsites
Interested?
Send us your CV and a brief cover letter. We'll get back to you within 48 hours.