Job description

IT Security Consultant (m/f/d)

Full-time, permanent | Wülfrath / Remote (DACH) | Start: as soon as possible | Approx. 20 % travel (DACH)

As an IT Security Consultant (m/f/d) you take the technical lead in advisory mandates around information security, ISMS implementation and regulatory compliance. You work directly with client IT management, executive boards and data protection officers, translate standards (ISO 27001, BSI IT-Grundschutz, NIS2, DORA, TISAX) into actionable measures and guide our clients from gap assessment all the way to a successful certification audit.

Your responsibilities

  • Running protection-needs, risk and gap analyses against ISO/IEC 27001:2022, BSI IT-Grundschutz, NIS2 and sector-specific standards (TISAX, B3S, DORA, German KRITIS regulation).
  • Building, maintaining and running information security management systems (ISMS) including policy cascade, awareness concepts, KPI systems and internal audits.
  • Advising clients on prioritising and implementing technical and organisational measures – from overarching policy to concrete hardening guidelines for M365, Active Directory or cloud workloads.
  • Supporting certification and surveillance audits (ISO 27001, TISAX, ISAE 3402) as the technical counterpart to accredited certification bodies.
  • Drafting audit-ready security concepts, business continuity manuals (BCM/ITSCM per ISO 22301) and cloud-security building blocks (M365, Azure, AWS, Google Cloud).
  • Reviewing deliverables and mentoring junior consultants on the engagement, and contributing to our internal method and template library.

Your profile

  • A degree in computer science, business informatics, IT security or a comparable qualification with equivalent professional experience.
  • At least three years of professional experience in IT security or compliance consulting, ideally with a consultancy or assurance firm.
  • Solid, hands-on knowledge of ISO/IEC 27001:2022 and/or BSI IT-Grundschutz and an up-to-date overview of NIS2, DORA and GDPR.
  • Experience moderating C-level workshops and writing audit-ready documentation.
  • Strong German (at least C1) and good English (at least B2), spoken and written.
  • EU driving licence (class B) and willingness to travel to clients within DACH occasionally (approx. 20 %).

Nice to have

  • Active certification as ISO 27001 Lead Implementer/Auditor, CISSP, CISM, CISA, IT-Grundschutz-Praktiker or TISAX auditor.
  • Experience with sector-specific standards (B3S for hospitals, TISAX in the automotive industry, BAIT/VAIT/KAIT/ZAIT in financial services).
  • Practical experience with GRC tooling (e.g. verinice, HiScout, ITQ, ServiceNow GRC) and cloud-security frameworks (CIS benchmarks, BSI C5).
  • Foundational knowledge of pentesting, OT/ICS security or incident response so that you can correctly classify technical findings.

What we offer

  • Permanent full-time contract (40 h/week) with 30 days of annual leave and flexi-time without core hours.
  • Transparent salary band between €65,000 and €95,000 gross p.a. depending on experience, plus 13th-month payment and a performance-based target bonus.
  • Company car or a Deutschlandticket (your choice), modern hardware (MacBook Pro or ThinkPad) and a fully equipped remote workstation.
  • €4,000 annual training budget, five additional paid training days and one paid certification exam per year.
  • Hybrid setup with a maximum of two on-site days per week in Wülfrath, home-office allowance and workation option (up to 60 days per year within the EU).
  • Occupational pension with a 20 % employer contribution, group accident insurance including private coverage, and EGYM Wellpass.

Our application process

From first contact to offer it typically takes two to three weeks – no assessment-centre overkill and no endless waiting times.

01. Submit your application

Send us your CV, certificates and – if you like – a short cover letter. An email to HR@SecTepe.de is enough. We do not need a photo, a portfolio, or information on religion or marital status.

02. Initial conversation (45 min, remote)

We get to know each other, clarify expectations on both sides and talk about your technical focus areas and typical project situations at SecTepe.

03. Technical interview & case discussion

Together with two senior colleagues we work through a realistic consulting case – not a stress assessment, but a technical discussion of the kind we have every day.

04. Offer & onboarding

If it fits, you get a concrete offer within no more than five business days. Onboarding is structured: buddy programme, clear 30-60-90-day goals and a personal certification plan.

Sounds like you?

Send your CV and certificates to HR@SecTepe.de. A cover letter is welcome but not mandatory.
