About the role

(Senior) Consultant Information Security developing tailored ISMS solutions for clients and leading projects for regulatory compliance while collaborating within a supportive team.

Responsibilities

You develop tailored ISMS solutions for our clients
You create policies and practical, implementable security concepts
You implement technical and organizational measures
You lead engaging projects to comply with new regulatory requirements (e.g., NIS-2, DORA) and prepare our clients for the future
You support clients in detecting threats early and establishing processes for efficient IT risk management
You conduct Business Impact Analyses
You help embed information security as an integral part of the organization
Together we look for projects that match your interests — you have a say in which client project you work on.

Several years of hands-on experience in information security
Willingness to take responsibility and make decisions
Enthusiasm for personal development and continuous learning
Strong ability to self-organize and plan work efficiently
Strong interpersonal and leadership skills
Experience applying standards and regulatory requirements (e.g., ISO 27001, BSI IT-Grundschutz) and adapting them to individual client needs
We welcome the following skills; otherwise you will acquire them during onboarding: confident use of consulting methods such as time management, project and client management, and quality management
Motivation to actively contribute to the further development of carmasec
In-depth knowledge of regulatory standards and industry frameworks (e.g., NIS-2, DORA, BAIT/VAIT, MaRisk, TISAX, CRA)
Ideally: prior professional experience in a consulting environment

Autonomy: Freedom to experiment, an open culture around mistakes, and the opportunity to help shape company structures are standard for us
Mentorship: Our experienced colleagues support you in your personal and professional development
Flexible working hours: Work during your most productive hours and schedule personal commitments flexibly. Overtime is compensated
Additional benefits: Choose from options such as a Germany public-transport job ticket (Deutschland-Ticket), Urban Sports Club membership, childcare-place subsidy, or a company bicycle (JobRad)
Training and certifications: We invest in your development through regular training and recognized certifications
Low travel requirements: We work remotely or from our offices in Cologne or Essen. On-site client meetings are the exception
Team building: Our monthly Open Space is dedicated to creative collaboration on current topics. Regular events (e.g., team workation, summer party, or Christmas party) are planned and organized by the team
Workation and sabbatical options: Combine work and travel or take an extended break as part of a sabbatical
Vacation: 30 days of vacation per year plus special leave for significant occasions