(Senior) IT Compliance Engineer (Global Information Security team) (f/m/d)
Delivery Hero
Berlin, Germany
vor 1 Tg.

Your mission :

Help us improve the cyber risk management practices by performing ongoing risk assessments, identifying and analysing security risks, recommending appropriate mitigation options and document all components in clear language.

Provide expertise in addressing regulations, breaking down obligations and translating regulatory requirements into clear operational requirements.

Lead compliance activities, such as monitoring compliance activities, performing gap analysis, defining scopes for meeting various regulations and addressing internal and external audit requests.

Support the definition and implementation of IT and security controls.

Create and maintain documentation of security related policies, standards, and processes.

Support the teams remaining compliant with their contractual or regulatory requirements (PCI DSS, GDPR, etc.)

Your heroic skills :

5+ years of working experience building and maintaining corporate IT Compliance policies and processes.

Minimum 5 projects working with organizations successfully leading out of security compliance to successful results.

Experience working with industry standards for information security, like ITIL, COBIT, NIST CSF, PCI DSS, ISO 27000, ISO20000

Extensive knowledge and understanding of audit standards and practices, control frameworks and data protection regulations, like ISO27000, GDPR, PCI DSS, etc.

Solid understanding of enterprise-class IT systems, applications, networks, databases, cloud architectures and how security can be assured in them.

Excellent interpersonal and organizational skills with the ability to communicate effectively with both technical and non-technical teams.

Proven experience developing and submitting audit and compliance reports to governing bodies, legal entities, and / or external authorities.

Very strong documentation skills : we need clear and well-structured knowledge bases / reports / manuals with intuitive navigation.

Nice to have :

Experience with demonstrably good knowledge of Business Continuity and Disaster Recovery.

CISM, CRISC, CISSP or CISA Certifications

Familiar with tech concept of :

Containerization and infrastructure management

Relational and NoSQL databases

Cloud computing (AWS and / or GCP)

The architecture of microservices and distributed systems

Software shipping cycles (dev, deploy, release, CI) and open-source software

System engineering stack, understand how all the pieces fit together (Kubernetes, Docker, CI, CD, load test, monitoring, security)

Melde diesen Job

Thank you for reporting this job!

Your feedback will help us improve the quality of our services.

Klicke auf "Weiter", um unseren Datenschutz-und Nutzungsbestimmungen zuzustimmen . Du kriegst außerdem die besten Jobs als E-Mail-Alert. Los geht's!