Senior Information Security Specialist, German-speaking

Secfix

Senior Information Security Specialist managing compliance frameworks and mentoring junior specialists at Secfix. Involved in ISO 27001 projects and owns the compliance knowledge base.

Posted 6/22/2026full-timeRemote • 🇩🇪 GermanySeniorWebsite

Tech Stack

Tools & technologies

AWSAzureCloudGoogle Cloud Platform

About the role

Key responsibilities & impact

Own and drive the compliance roadmap inside the Secfix platform across different compliance frameworks (ISO 27001, TISAX, SOC 2, GDPR, NIS 2, DORA, ISO 27017/27018, ISO 42001, C5, and more as we expand)
Implement ISO 27001 and adjacent frameworks end-to-end for customers
Mentor and upskill the compliance team: sharing expertise, reviewing work, and helping drive consistency in audits and customer deliverables
Conduct internal audits directly for strategic and complex customers, and review the internal audits performed by junior team members to drive quality and consistency
Act as a compliance partner to CSMs and sales reps: fast, reliable support for customer questions, and joining customer calls when deep expertise is needed
Own the quality of compliance content in the platform (including creating policies, evidence templates, Compliance enable playbooks for our CSMs, security awareness trainings and more)
Close framework gaps and incorporate auditor feedback into both team practice and platform improvements
Partner with product and engineering to translate compliance gaps into structured product work
Collaborate closely with CS, Product, and Founders to align compliance, customer, and roadmap priorities
Deepen relationships with our existing certification partners and train auditors on the Secfix platform so they can confidently use it during customer audits

Requirements

What you’ll need

German (C1/C2) and English (fluent) is a must for this role
5+ years of hands‑on information security and GRC experience in B2B SaaS
Led 3+ successful ISO 27001 certification projects as an implementer and/or auditor at a startup or mid-market company
Hands on experience with a GRC platform like Secfix, or similar GRC platforms
Cloud infrastructure readiness across AWS, Azure, and GCP; experience with posture analysis and remediation planning
Strong project management skills with the ability to break down ambiguous initiatives into concrete deliverables, prioritizes ruthlessly, and ships
Excellent written communication, especially in producing clear, precise compliance content for diverse audiences (auditors, founders, engineers)
Strong ownership mindset: operates as a senior individual contributor without waiting for direction.

Benefits

Comp & perks

Remote Work: 100% remote work with a virtual office in Gather.
Competitive Salary: Industry-competitive local salaries. We pay local rates that are at or above the market. We share this philosophy with GitLab.
Equity: Generous equity package – we’re all owners of Secfix and beneficiaries of our collective success.
Mentorship: We are backed by top VCs and accelerators and have direct access to world-class mentors.
Development Budget: €1,000 annual personal development budget.
Home office Budget: Home office budget and access to co-working spaces.
Holidays: 26 days holiday + local public holidays.
Health Insurance: Comprehensive health coverage.
Annual Retreat: Annual retreat to build connections and inspire ideas (this year we’re headed to Milan!).
Company Events: Company-wide events to build relationships and have some fun!
Tech Equipment: Latest tech equipment (MacBook, monitors, headphones).

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

ISO 27001TISAXSOC 2GDPRNIS 2DORAISO 27017ISO 27018ISO 42001C5

Soft Skills

mentoringproject managementcommunicationownership mindsetcollaboration

Certifications

ISO 27001 certification