Senior Security Engineer focusing on hardening enterprise endpoints for cyber defense. Collaborating with NetSec and DataSec teams to minimize risks and enforce security protocols.
About the role
- (Senior) Consultant Information Security developing tailored ISMS solutions and security concepts for clients. Engaging in exciting projects to meet new regulatory requirements and manage IT risks.
Responsibilities
- You develop tailored ISMS solutions for our clients
- You create policies and practical security concepts
- You implement technical and organizational measures
- You lead exciting projects to comply with new regulatory requirements (e.g., NIS-2, DORA) and prepare our clients for the future
- You help our clients detect threats early and establish processes for efficient IT risk management
- You conduct Business Impact Analyses
- You support our clients in embedding information security as an integral part of their organization
- Together we look for projects that match your interests
- You have a say in which client project you will work on.
Requirements
- Several years of practical experience in information security
- Willingness to take responsibility and make decisions
- Enthusiasm for personal development and continuous learning
- Strong self-organization skills and efficient work planning
- Strong interpersonal and leadership skills
- Experience applying standards and regulatory requirements (e.g., ISO 27001, BSI IT-Grundschutz) and adapting them to individual client needs
- We welcome the following skills from you, otherwise you will learn these aspects during onboarding: confident use of consulting methods such as time management, project and client management, and quality management
- Motivation to actively contribute to the further development of carmasec
- In-depth knowledge of regulatory standards and industry frameworks (e.g., NIS-2, DORA, BAIT/VAIT, MaRisk, TISAX, CRA)
- Ideally, professional experience in a consulting environment.
Benefits
- Self-fulfillment: Freedom to experiment, an open error culture, and the opportunity to help shape company structures are part of our culture
- Mentorship: Our experienced team members support you in your personal and professional development
- Flexible working hours: Work during your most productive times and plan private commitments flexibly. Overtime is compensated
- Additional benefits: Choose from offers such as the Germany job ticket (Deutschland-Ticket), Urban Sports Club membership, childcare subsidy, or company bike (JobRad)
- Training & certifications: We invest in your development through regular training and recognized certifications
- Low travel requirement: We work remotely or from our offices in Cologne or Essen. On-site client meetings are the exception
- Team building: Our monthly Open Space is dedicated to creative work on current topics. Regular events (e.g., joint workation, summer party, or Christmas party) are planned and organized by the team
- Workation: Combine work and travel or take an extended break as part of a sabbatical
- Vacation: 30 days of annual leave and special leave for special occasions
Job title
Job type
Experience level
Salary
Degree requirement
Location requirements
Security Consultant assessing and implementing security measures for organizations. Collaborating with clients to enhance their security posture and protect sensitive data.
Manager overseeing leadership protection and event security for GEICO. Responsible for security planning, threat analysis, and incident management during company events.
Cybersecurity Consultant managing TDR delivery team to enhance client security posture. Collaborating with clients and leading technical contributions in cybersecurity services.
Cyber Security & Compliance Lead protecting data and systems at Displayr. Responsible for risk management, compliance frameworks, and innovative security solutions using AI.
Lead Engineer in Security Engineering at Allstate overseeing security controls and product security teams. Collaborating with global stakeholders to manage security architecture and meet key performance indicators.
AI Security Architect focusing on AI security and governance for Voya Financial's applications and projects. Leading initiatives in artificial intelligence and securing innovative technology solutions.
Application Architecture Engineer responsible for defining software architecture frameworks and leading implementation teams. Driving innovation in developing robust and scalable applications at Schneider Electric.
Senior Analyst for Third - Party Security at a leading law firm. Responsible for program execution and risk assessment regarding vendors and service providers.
Security Officer managing safety and security at Cromwell Hospital and Canary Wharf locations. Responding to security requests and maintaining logs while ensuring compliance with safety regulations.