Skip to main content
Back to jobs

Senior Information Security Specialist (German-speaking)

External
secfix logoSecfix · Remote
Full-timeRemote1d ago
AWSAzureComplianceGCPGDPRGitLab
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

About the role

We're hiring a Senior Information Security Specialist to strengthen our compliance function as Secfix scales into more frameworks, mid-market customers, and a growing compliance team. This role sits at the intersection of compliance delivery, content, and team support. You'll own the compliance knowledge that lives inside our platform, mentor our junior compliance specialists, support our customer success team, and act as the senior compliance voice for customers, auditors, and product. You'll work closely with our co-founder & CISO and our CS Lead. This is a high-impact role with real influence on how Secfix delivers compliance: both as a service to customers and as content inside our app.

Responsibilities

  • Own and drive the compliance roadmap inside the Secfix platform across different compliance frameworks (ISO 27001, TISAX, SOC 2, GDPR, NIS 2, DORA, ISO 27017/27018, ISO 42001, C5, and more as we expand)
  • Implement ISO 27001 and adjacent frameworks end-to-end for customers
  • Mentor and upskill the compliance team: sharing expertise, reviewing work, and helping drive consistency in audits and customer deliverables
  • Conduct internal audits directly for strategic and complex customers, and review the internal audits performed by junior team members to drive quality and consistency
  • Act as a compliance partner to CSMs and sales reps: fast, reliable support for customer questions, and joining customer calls when deep expertise is needed
  • Own the quality of compliance content in the platform (including creating policies, evidence templates, Compliance enable playbooks for our CSMs, security awareness trainings and more)
  • Close framework gaps and incorporate auditor feedback into both team practice and platform improvements
  • Partner with product and engineering to translate compliance gaps into structured product work
  • Collaborate closely with CS, Product, and Founders to align compliance, customer, and roadmap priorities
  • Deepen relationships with our existing certification partners and train auditors on the Secfix platform so they can confidently use it during customer audits
  • To be qualified for this role, you must have the following:
  • German (C1/C2) and English (fluent) is a must for this role
  • 5+ years of hands‑on information security and GRC experience in B2B SaaS
  • Led 3+ successful ISO 27001 certification projects as an implementer and/or auditor at a startup or mid-market company
  • Hands on experience with a GRC platform like Secfix, or similar GRC platforms
  • Cloud infrastructure readiness across AWS, Azure, and GCP; experience with posture analysis and remediation planning
  • Strong project management skills with the ability to break down ambiguous initiatives into concrete deliverables, prioritizes ruthlessly, and ships
  • Excellent written communication, especially in producing clear, precise compliance content for diverse audiences (auditors, founders, engineers)
  • Strong ownership mindset: operates as a senior individual contributor without waiting for direction
  • Bonus:
  • Experience implementing one or two additional compliance frameworks (e.g. SOC 2, GDPR, NIS 2, etc.)
  • Experience mentoring or coaching colleagues in a compliance, audit, or GRC context
  • Experience in a startup environment is a plus

Benefits

Remote Work: 100% remote work with a virtual office in Gather.Competitive Salary: Industry-competitive local salaries. We pay local rates that are at or above the market. We share this philosophy with GitLab.Equity: Generous equity package - we're all owners of Secfix and beneficiaries of our collective success.Mentorship: We are backed by top VCs and accelerators and have direct access to world-class mentors.Development Budget: €1,000 annual personal development budget.Home office Budget: Home office budget and access to co-working spaces.Holidays: 26 days holiday + local public holidays.Remote work optionsEquity / stock optionsPerformance bonus

Additional Information

Remote (+/- 2hrs from Germany GMT+1). C1 or C2 German Language is essential At Secfix, we're at the forefront of automating security compliance in Europe. We help companies get and stay ISO 27001, GDPR, TISAX, and SOC 2 fast and easy and reduce hundreds of hours of manual work. Secfix is run by a 100% remote team with hubs in Munich, Berlin and London. We're a high-performing team looking for passionate, execution-focused, owners to help us automate security and compliance for modern companies and become the European compliance automation leader. We've just raised our $12M Series A and are backed by top VCs, including Alstin Capital, Neosfer (Commerzbank), and Bayern Capital.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at secfix? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect