Cyber-Compliance Engineer (Security Automation & GRC) gesucht in Berlin

Hier Ihre Firma Anmelden
Berlin, Germany
9 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
€ 105K

Job location

Berlin, Germany

Tech stack

Artificial Intelligence
Amazon Web Services (AWS)
Azure
Spreadsheets
Cloud Computing
Cloud Computing Security
DevOps
Python
Software Vulnerability Management
Cloudformation
Kubernetes
Terraform
Devsecops
Security Orchestration, Automation & Response

Job description

Compliance-as-Code: Build and maintain automated evidence-collection pipelines to satisfy ISO 27001, SOC2 Type II, and the EU AI Act.

Cloud Guardrails: Implement automated security policies in AWS/GCP using Terraform or CloudFormation to prevent compliance drift.

Audit Orchestration: Act as the technical lead for external audits, using automation to reduce manual "screenshotting" and spreadsheet management.

Vulnerability Management: Work closely with the DevOps team to prioritize and remediate technical risks found in CI/CD pipelines.

Third-Party Risk Tech: Evaluate the security posture of our tech vendors using automated assessment tools rather than just static questionnaires.

Requirements

  • The Tech Stack: 3+ years in a technical security or DevSecOps role. You should be comfortable with Python or Go for automation and have deep knowledge of Kubernetes and Cloud Security (AWS/Azure).
  • The Regulatory Lens: Hands-on experience with European frameworks (GDPR, NIS2) and a strong understanding of international standards (ISO/SOC2).
  • The "Startup" Mindset: You prefer building a tool to solve a problem rather than writing a 50-page manual. You thrive in fast-paced environments where things change weekly.
  • Communication: Ability to explain the "why" behind a security control to a Product Manager and the "how" to a Senior Developer.

Benefits & conditions

Equity: Participation in our VSOP (Employee Stock Option Plan)-we want you to own a piece of what you build.

Learning Budget: €2,000 annual budget for certifications (CISA, CISSP, AWS Security) or tech conferences.

Berlin Perks: Public transport subsidy (Deutschlandticket), flexible "work from anywhere" weeks, and a dog-friendly office in the heart of the city.

Ready to Secure our Future?

If you're tired of manual spreadsheets and want to build the automated future of GRC (Governance, Risk, and Compliance), we'd love to meet you. We value diverse perspectives and encourage people from underrepresented backgrounds in tech to apply.

What to expect from our hiring process:

  1. The Coffee Chat (30 min): A brief intro call with our Talent Lead to discuss your background and what you're looking for in your next role.
  2. Technical Deep Dive (60 min): A session with our CISO or Lead Engineer to talk through cloud security architecture and how you approach "Compliance-as-Code."
  3. The Practical Challenge: A short, take-home technical exercise or a collaborative "whiteboarding" session (no "brain teasers," just real-world problems).
  4. Cultural Fit & Founder Meet (45 min): A chance to meet one of our founders and your potential teammates to see if we're the right fit for each other.
  5. The Offer: If it's a match, we'll move fast to get you onboarded!

Apply for this position