Security Process Specialist (m/f/d) for Compliance, Risk & Delivery Processes - Berlin/FFM & remote

Start date:

Immediately

End date:

12/2026 + option

Employment type:

Freelance

Region:

Berlin/FFM & remote


Description:

For our client, we are looking for a Security Process Specialist (m/f/d) for Compliance, Risk & Delivery Processes, starting immediately, for an expected duration until 12/2026 with the option of extension. The assignment is planned as full-time. The project takes place mostly remotely, with approx. 3 days per month on site in Berlin or Frankfurt am Main.

Tasks:
- Provide expertise in analyzing, designing, and optimizing Information Security, Risk, and Compliance processes, ensuring they are efficient, pragmatic, scalable, and aligned with the operating model
- Ensure processes effectively support key security and compliance activities without performing them directly, by enabling stakeholders through well-designed workflows, interfaces, and governance structures
- Support adoption of secure design principles and best practices by embedding them into processes, workflows, and decision-making structures
- Contribute to organizational development (OD) by aligning ISRC processes, tools, and roles with the evolving operating model

Must Have:
- Hands-on exposure to security, risk, and compliance processes in a larger organization
- Ability to analyze and improve workflows (e.g., risk management, compliance, NFRs, architecture reviews)
- Solid grasp of enterprise security and compliance frameworks and their impact on delivery
- Experience working with technical teams, architects, and GRC stakeholders
- Ability to understand and review technical designs without being the implementer
- Skill in turning compliance or risk requirements into actionable steps or process changes
- Experience contributing to roles, responsibilities, and decision structures
- Experience embedding security/compliance checks into delivery processes
- Ability to align diverse stakeholders and explain ISRC topics clearly
- Experience supporting workshops or knowledge-sharing activities
- Comfortable promoting secure and compliant ways of working

Nice to have:
- Familiarity or certification with frameworks such as:
  - ISO 27001 / 27005
  - OWASP ASVS, etc.
- Certifications such as:
  - CISSP, OSCP, OSWA
- Strong capability in stakeholder management