CYBER SECURITY GRC CONSULTANT

Für den Standort München suchen wir: # CYBER SECURITY GRC CONSULTANT (D/F/M) Your tasks: - Conduct regular information security risk assessments using qualitative and/or quantitative methods, develop security strategies in collaboration with internal teams and stakeholders and propose corrective measures for medium to big consulting projects - Develop and implement security policies and procedures for the entire organization, ensure that policies and procedures comply with cybersecurity regulations and best practices and raise awareness of security policies and train employees on best practices - Definition and monitoring of functional and technical mitigation plans, methodological and technical monitoring, data analytics and mathematical modeling - Plan and lead small consulting projects and significantly participate to consulting projects of medium to big size - Apply consulting methods independently while documenting and presenting results internally and externally - Design and delivery of awareness and training to internal and external customers - Improvement of existing processes and toolings - Occasional advice to customers for possible further support (cross-/up-selling) - Conduct internal audits to verify compliance and recommend improvements if necessary - Collaboration in the preparation of offers and company presentations - Taking on functional and/or project-related tasks in projects (e. g. technical project planning, topic responsibility) - Preparation of required documentation and presentations of work results Your qualifications: - The work task requires knowledge and skills that are generally acquired through a relevant, completed degree programme of up to 4 years‘ duration in the field of engineering, computer science, cybersecurity or comparable degree programmes and related subject-specific additional qualification. The overall required knowledge and experience may have been acquired in other ways - Fundamental knowledge and experience in the above listed tasks - Deep understanding of major security management frameworks (ISO 27001, NIST CSF, OT Governance, ISO 27005, ISO 31000, any risk methodology) - Understanding of security technologies, controls, and best practices - Ability to develop and maintain security policies, procedures and standards - Proven experience leading Governance projects and security initiatives, strong experience with ISMS implementation and security requirements at any level is a plus, - Knowledge of regulatory requirements across industries (Export Control, GDPR, NIS2, Defense, EASA Regulations) and experience with GRC platforms and risk management tools - Exceptional ability to communicate complex security concepts to non-technical stakeholders - A security clearance is required for this activity or must be issued by the responsible authorities - Ability to advise the customer regarding his request and objectives and to build consensus among diverse stakeholders - Cultural sensitivity for working with international teams - German and English: negotiation level mandatory (speaking and writing) - Willingness to travel domestically and abroad We offer: - Career opportunities - Individually tailored training program - Fair, trustworthy working atmosphere - Regular networking events - Benefits with our partners in the areas of health, insurance, and shopping - Company pension scheme Requirements for employees are diverse. So are our job offers. Guldberg stands for “perfect matching” and specializes in the industries of automotive, rail vehicle technology, plant engineering, telecommunications, as well as banking and insurance, offering you exciting tasks in the fields of mechanical engineering, electronics, and computer science. With us, the employee always comes first. In addition to attractive compensation, we offer you a long-term professional perspective. Your career opportunities are complemented by an individually tailored training program, ranging from personal development to technical qualifications. Furthermore, we have made it our mission to create a fair, trustworthy, and personal working environment. In addition to regular networking events, you will receive benefits through us with our partners in the areas of fitness, health, insurance, and shopping.