Key skills
Cyber SecurityLeadershipProject ManagementRisk ManagementCommunication
About this role
Role Overview
- Establish and further develop the Cybersecurity Advisory practice at CFGI Germany and contribute to the strategic establishment of the German office.
- Develop and implement cybersecurity process, risk, and control frameworks for our clients, aligned with applicable laws, standards, and best practices.
- Conduct risk analyses, maturity assessments, and compliance readiness assessments (including cybersecurity and data privacy).
- Define, test, and audit controls according to internal audit frameworks as well as relevant legal and regulatory requirements.
- Advise clients on the implementation and optimization of cybersecurity policies, standards, and procedures.
- Design and implement cybersecurity awareness and training programs.
- Oversee the implementation and operation of security tools, technologies, and processes.
- Develop and report cybersecurity metrics and reports for various management levels up to the Audit Committee and the Board.
- Provide governance services to oversee cybersecurity functions (e.g., risk, vulnerability, and incident management).
- Establish and implement risk management practices, including policies, procedures, and a risk register.
- Support the implementation of GRC tools and lead third-party risk management (TPRM) processes.
- Advise on cybersecurity and data protection regulations in the German and European legal context (e.g., NIS2, GDPR).
Requirements
- University degree in Business Administration, Computer Science, Engineering, Information Systems, or a related discipline.
- Minimum 10 years of professional experience in cybersecurity, with several years in a leadership role or in consulting.
- Solid knowledge of relevant standards and frameworks (e.g., NIST CSF, CIS, ISO 27001, PCI DSS, HIPAA, CMMC, SOX, GDPR, CCPA).
- In-depth knowledge of the German and European regulatory landscape in cybersecurity and data protection.
- Experience in project management, governance, and risk management.
- Certifications such as CISSP, CISM, or equivalent qualifications are a plus.
- Excellent communication skills, intercultural competence, and proven leadership experience with multidisciplinary teams.
- Fluent German and English (French is a plus).
Tech Stack
- Cyber Security
Benefits
- Opportunity to play an active role in shaping the German office and be part of an international growth team.
- Work in a globally operating company with flat hierarchies and significant autonomy.
- Diverse international projects and engagements in a dynamic, forward-looking environment.
- Attractive compensation, flexible working arrangements, and excellent development opportunities.