Principal Consultant - Information Security
Location: Germany
Salary: €90000 - €110000 per annum
Job Type: Permanent
Date Posted: 3 days ago
Expiry Date: 20/09/2025
Job Ref: BH-121863
Start Date: 06/08/2025
Contact: Luke Davis
Contact Email: luke.davis@xcede.de
Specialism: CyberGermany
A specialised consultancy is expanding its team of Information Security experts. This role is focused on delivering practical, regulatory-driven security and risk projects — not high-level strategy slides. You’ll work directly with clients across financial services, critical infrastructure and other regulated industries to help them manage IT risks and meet compliance expectations.
Key Responsibilities:
- Lead or support client projects in information security, IT risk and compliance – covering planning, execution and reporting
- Conduct gap analyses and support the implementation of requirements under DORA, NIS2, KRITIS, ISO 27001 or BSI Grundschutz
- Evaluate business and IT processes from a risk, efficiency and compliance perspective
- Coordinate cyber risk reduction programmes and security governance frameworks
- Help clients integrate security into existing processes and IT landscapes, including areas like IAM, SIEM or third-party risk
- Translate regulatory and technical requirements into structured, actionable plans
- Build long-term relationships with clients and contribute to developing internal methods and service offerings
Your Profile:
- Several years of experience in information security, IT compliance or cyber risk – ideally within consulting or project-based environments
- Degree in IT, engineering, business IT or a related field
- Strong understanding of common frameworks and standards (e.g. ISO 27001, BSI 200-x, DORA, NIS2)
- Practical experience in analysing complex systems and explaining risks and controls clearly
- Ability to work independently and take ownership of deliverables
- Very good communication skills in both German and English
- Certifications such as CISSP, CISM, CISA or ISO 27001 Lead Implementer are a plus, but not a must
Luke Davis
Specialisms: Cyber, InfoSec, GRC & Vulnerabilities, Security Architecture & Engineering, Network Security & Operations