About the Role
GRC Engineering is an emerging field within Cybersecurity focused on modernizing traditional Governance, Risk, and Compliance processes using Cloud and AI technologies. Our mission is to assist clients in enhancing their GRC programs through technical expertise in modern software development and a consultative approach, underpinned by a strong sense of ownership.
We are primarily seeking candidates in Germany, but may consider exceptional candidates from other EU countries.
Activities
- Assist clients in establishing and implementing contemporary Governance, Risk, and Compliance Programs.
- Leverage modern technologies, including public cloud and AI, to accelerate client GRC initiatives.
- Independently manage and execute individual workstreams within Cybersecurity projects.
- Produce high-quality deliverables, encompassing code (from scripts to full applications), presentations, workshops, and written reports.
- Liaise with internal stakeholders, representing client interests.
- Cultivate and expand client relationships.
Requirements
- A minimum of 3 years of experience in Cybersecurity or IT Compliance consulting within a high-performing team.
- Practical experience in software development, cloud security, red teaming, detection engineering, or similar modern security problem-solving approaches.
- Prior experience leading consulting projects or workstreams.
- Familiarity with major Cybersecurity regulations, such as NIS2, DORA, or the Cyber Resilience Act.
- Proficiency with modern technology stacks, including programming languages, Public Cloud, CI/CD pipelines, and AI agents.
- Demonstrated interest and experience in management or technology-related aspects of Cybersecurity, such as economics, social sciences, software development, cloud, and AI technologies, or other areas that broaden your perspective.
- A strong sense of ownership and a self-starter mentality.
Team & Benefits
We are a young, dynamic consulting start-up. We recognize the inherent risks of joining an early-stage company, but we firmly believe the rewards significantly outweigh them. Here’s why you should consider joining us:
Compensation
- Your remuneration comprises a base salary and an uncapped bonus, tied to profitability, business development achievements, and project management responsibilities.
- You have the flexibility to determine the proportion of your salary as variable pay (between 10% and 30%), with a higher variable component leading to a greater profit share.
- Bonuses are disbursed quarterly, providing timely recognition of your contributions.
- We offer flexible gross salary conversion options to suit your lifestyle, including pension schemes, childcare cost coverage, and other benefits, ensuring you maximize your earnings.
Impact & Growth
- Directly influence the culture and strategic direction of a newly established company.
- Engage with complex challenges at the nexus of technology, risk, business, and regulation.
- Continuous learning is not just encouraged but expected; we provide financial support for relevant certifications and courses.
- Regular involvement in Interim CISO engagements offers unparalleled exposure for aspiring CISOs or consultants seeking to enhance their strategic advisory skills.
This is a remote-first position.
Travel to client sites is necessary and can vary from occasional visits to frequent trips, depending on project demands. We are committed to considering your personal circumstances when determining travel frequency.
Start-ups thrive on rapid adaptation and problem-solving. If you are driven to shape both the business and your career trajectory, this is your opportunity.
We champion diversity, believing that varied teams yield stronger solutions. We encourage applications from individuals with non-traditional backgrounds. Bring your authentic self, with your unique identity and perspectives.
Application Process
The hiring process involves 1-2 interviews, including technical assessments on security and GRC, as well as evaluations of your problem-solving capabilities.