CBTW

Governance, Risk & Compliance Expert – GRC

Governance, Risk & Compliance Expert enhancing cybersecurity for clients through strategy and risk management. Driving compliance with regulations and improving organizational resilience.

Posted 6/6/2026 • full-time • Berlin, 🇩🇪 Germany • Mid-Level, Senior • 💰 €65,000 - €75,000 per year

Tech Stack

Tools & technologies
Cyber Security

About the role

Key responsibilities & impact
  • You support our clients in defining and implementing their information security strategy
  • You organize, structure and manage security projects
  • You implement and further develop information security management systems (ISMS)
  • You contribute to the creation and continual improvement of security policies and processes (e.g., Incident Response, Security Policies)
  • You analyze and assess security risks using established frameworks (e.g., ISO 27005, EBIOS RM)
  • You identify and monitor operational, compliance and security risks
  • You define and implement security KPIs to measure security performance
  • You support clients in complying with relevant cybersecurity and data protection regulations (e.g., NIS2, DORA, GDPR, NIST)
  • You analyze organizations’ security posture and identify improvement measures
  • You conduct internal audits and support compliance processes
  • You coordinate incident response and support incident analysis
  • You monitor remediation plans following incidents or audits and ensure their implementation
  • You develop measures to improve the security posture
  • You deliver training and awareness activities on information security and GRC policies
  • You promote the adoption of security standards and best practices across organizations

Requirements

What you’ll need
  • Completed Bachelor’s or Master’s degree in Cybersecurity, Information Security or a comparable qualification
  • At least 5 years of experience in a comparable role within Governance, Risk & Compliance or Information Security
  • Solid knowledge of the ISO 2700X standards (ISO 27001, ISO 27002, ISO 27005)
  • Experience with risk management methods such as EBIOS RM
  • Knowledge of relevant regulatory requirements such as NIS2, DORA or GDPR
  • Experience implementing or further developing an ISMS
  • Excellent analytical skills and a structured way of working
  • Fluent German and English
  • Certifications such as ISO 27001 Lead Implementer / Lead Auditor or ISO 27005 Risk Manager are advantageous
  • Additional certifications such as CISM, CISSP, CRISC or CISA are a plus
  • Willingness to travel within the DACH region

Benefits

Comp & perks
  • Onboarding & team spirit: Welcome day, welcome drink & new hire lunch
  • Mentoring program for your ideal start
  • Afterwork events, summer tech event & festive Christmas party
  • Joint social engagement through charity campaigns
  • Development & career: Individual career paths & regular feedback discussions
  • Diverse in-house training, online courses & external further education
  • International collaboration with colleagues across Europe
  • Work-life balance & flexibility: Remote work & workation – within the EU and beyond
  • Sabbatical options & flexible working time models
  • Public holiday calendar for Baden-Württemberg plus the holidays of your federal state – double benefit
  • 30 days of annual leave per year
  • Equipment & mobility: Allowance to equip your mobile workstation
  • Deutschlandticket or bike leasing – you have the choice
  • Optional: BahnCard for even more travel flexibility
  • Security & financial planning: Support with retirement provision & wealth-building
  • Various options for financial protection
  • Wellbeing & health: Access to the Employee Assistance Program (EAP) – also available to family members
  • Additional perks: Bonuses for exceptional commitment
  • Exclusive advantages via our Corporate Benefits platform
  • Our CBTW Spotify playlist for a musical impression of the team

ATS Keywords

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
information security strategy, security management systems, security policies, risk assessment, security KPIs, incident response, internal audits, security posture analysis, risk management methods, ISMS implementation
Soft Skills
analytical skills, structured working, communication, training delivery, organizational skills
Certifications
ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, ISO 27005 Risk Manager, CISM, CISSP, CRISC, CISA