Logo Secfix

Senior Information Security Specialist

Neu

Secfix

Job

  • Level
    Senior
  • Job Feld
    IT, Security
  • Anstellung
    Vollzeit
  • Vertragsart
    Unbefristetes Dienstverhältnis
  • Ort
    Berlin
  • Arbeitsmodell
    Full Remote

    • Job Zusammenfassung

    In dieser Rolle bist du verantwortlich für die Umsetzung und Pflege von Compliance-Standards in verschiedenen Rahmenwerken, schaffst Qualitätsinhalte und unterstützt das Team während der Kundenprojekte samt Audits.

    Job Technologien

    Deine Rolle im Team

    • At Secfix, we're at the forefront of automating security compliance in Europe. We help companies get and stay ISO 27001, GDPR, TISAX, and SOC 2 fast and easy and reduce hundreds of hours of manual work.
    • We're hiring a Senior Information Security Specialist to strengthen our compliance function as Secfix scales into more frameworks, mid-market customers, and a growing compliance team.
    • This role sits at the intersection of compliance delivery, content, and team support.
    • You'll own the compliance knowledge that lives inside our platform, mentor our junior compliance specialists, support our customer success team, and act as the senior compliance voice for customers, auditors, and product.
    • You'll work closely with our co-founder & CISO and our CS Lead.
    • You will own one of the most important pillars of Secfix: the quality and breadth of our compliance offering.
    • You can test new approaches, but at the end of the day, you have full ownership of how you deliver results (with a strong support network from within and outside the company).
    • You will: Own and drive the compliance roadmap inside the Secfix platform across different compliance frameworks (ISO 27001, TISAX, SOC 2, GDPR, NIS 2, DORA, ISO 27017/27018, ISO 42001, C5, and more as we expand).
    • Implement ISO 27001 and adjacent frameworks end-to-end for customers.
    • Mentor and upskill the compliance team: sharing expertise, reviewing work, and helping drive consistency in audits and customer deliverables.
    • Conduct internal audits directly for strategic and complex customers, and review the internal audits performed by junior team members to drive quality and consistency.
    • Act as a compliance partner to CSMs and sales reps: fast, reliable support for customer questions, and joining customer calls when deep expertise is needed.
    • Own the quality of compliance content in the platform (including creating policies, evidence templates, Compliance enable playbooks for our CSMs, security awareness trainings and more).
    • Close framework gaps and incorporate auditor feedback into both team practice and platform improvements.
    • Partner with product and engineering to translate compliance gaps into structured product work.
    • Collaborate closely with CS, Product, and Founders to align compliance, customer, and roadmap priorities.
    • Deepen relationships with our existing certification partners and train auditors on the Secfix platform so they can confidently use it during customer audits.

    Unsere Erwartungen an dich

    Qualifikationen

    • German (C1/C2) and English (fluent) is a must for this role.
    • Led 3+ successful ISO 27001 certification projects as an implementer and/or auditor at a startup or mid-market company.
    • Strong project management skills with the ability to break down ambiguous initiatives into concrete deliverables, prioritizes ruthlessly, and ships.
    • Excellent written communication, especially in producing clear, precise compliance content for diverse audiences (auditors, founders, engineers).
    • Strong ownership mindset: operates as a senior individual contributor without waiting for direction.

    Erfahrung

    • 5+ years of hands-on information security and GRC experience in B2B SaaS.
    • Hands on experience with a GRC platform like Secfix, or similar GRC platforms.
    • Cloud infrastructure readiness across AWS, Azure, and GCP; experience with posture analysis and remediation planning.
    • Experience implementing one or two additional compliance frameworks (e.g. SOC 2, GDPR, NIS 2, etc.) is a bonus.
    • Experience mentoring or coaching colleagues in a compliance, audit, or GRC context is a bonus.
    • Experience in a startup environment is a plus.

    Unser Angebot

    • 100% remote work with a virtual office in Gather.
    • Industry-competitive local salaries.
    • Generous equity package - we're all owners of Secfix and beneficiaries of our collective success.
    • We are backed by top VCs and accelerators and have direct access to world-class mentors.
    • €1,000 annual personal development budget.
    • Home office budget and access to co-working spaces.
    • 26 days holiday + local public holidays.
    • Comprehensive health coverage.
    • Annual retreat to build connections and inspire ideas (this year we're headed to Milan!).
    • Company-wide events to build relationships and have some fun!
    • Latest tech equipment (MacBook, monitors, headphones).

    Benefits

    Work-Life-Integration

    Themen mit denen du dich im Job beschäftigst

    Job Standorte

    • Standort Berlin

      Deutschland

    Das ist dein Arbeitgeber

    Secfix

    Secfix

    Die Secfix GmbH, 2021 in Berlin gegründet, fokussiert sich auf die Entwicklung einer automatisierten Compliance-Plattform. Mit Standorten in München und Berlin hilft das Unternehmen europäischen Firmen, Sicherheitsstandards und Zertifizierungen einzuhalten. Secfix hat sich als eine der führenden Plattformen im Bereich Security Compliance positioniert und setzt auf KI-gestützte Automatisierung zur Verbesserung von Compliance-Prozessen.

    Description

  • Unternehmenstyp
    Startup
  • Arbeitsmodell
    Full Remote
  • Branche
    Internet, IT, Telekom
    • Logo Secfix

    Senior Information Security Specialist

    Secfix
    Ort
    Berlin
    Arbeitsmodell
    Full Remote
    Diversität
    Für alle Personen geeignet (m/w/d)

    Weitere Jobs