This is a remote position.
Security Process Specialist ISRC | PID0635
Contract / Freelance
Full-time or part-time
Remote with travel readiness required (Germany)
Start: 15/06/2026 (flexible)
Fluent English required (C1+)
About the role
We are looking for a Security Process Specialist to join the Information Security, Risk and Compliance function of a large internal platform programme. You will not be a hands-on security implementer; instead, you will design, optimise and embed the processes, workflows and governance structures that enable security and compliance to function effectively across the programme.
What you'll be doing
Assessing existing IS Risk Management, Compliance Management, NFR Management, Architecture Review and Security Operations processes to identify gaps and improvement opportunities
Designing streamlined, pragmatic and scalable processes that balance security and regulatory requirements with operational feasibility
Defining and refining workflows for IS risk identification, assessment, mitigation tracking and reporting
Shaping processes for interpreting and implementing compliance requirements, including internal standards
Establishing structured, repeatable processes for Security Architecture Design Reviews
Consulting on incident response, vulnerability management and Product Release Specification (PRS) sign-off processes
Ensuring secure design principles are reflected in process definitions and review workflows
Actively participating in Organisational Development coalitions to align ISRC processes with the evolving operating model
Supporting programme-wide enablement and knowledge-sharing activities
Requirements
What you'll need
Hands-on exposure to security, risk and compliance processes within a larger organisation
Ability to analyse and improve security-related workflows (risk management, compliance, NFRs, architecture reviews)
Solid understanding of enterprise security and compliance frameworks and their impact on delivery
Experience working with technical teams, architects and GRC stakeholders
Ability to turn compliance or risk requirements into actionable process changes
Experience embedding security and compliance checks into delivery processes
Comfortable facilitating workshops and promoting secure ways of working
Fluent English, spoken and written (C1 minimum)
Desirable
Familiarity with ISO 27001/27005, OWASP ASVS or comparable frameworks
Certification in CISSP, OSCP or OSWA
Strong stakeholder management capability
Benefits
Als Freiberufler / Auftragnehmer bei uns genießen Sie flexible Arbeitszeiten und die Freiheit, Ihre eigenen Projekte zu wählen. Unsere Plattform bietet Ihnen Zugang zu spannenden Projekten in verschiedenen Branchen und unterstützt Sie bei Ihrer beruflichen Entwicklung. Sie profitieren von einer attraktiven Vergütung und einem engagierten Team, das Ihnen bei Fragen zur Seite steht. Arbeiten Sie unabhängig und nutzen Sie unser starkes Netzwerk, um Ihre beruflichen Ziele zu erreichen.