[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-security-risk-compliance-specialist-mwd-remote-ffm-oder-berlin":3,"similar-security-risk-compliance-specialist-mwd-remote-ffm-oder-berlin":35},{"id":4,"slug":5,"title":6,"skills":7,"budget":18,"duration":19,"location":20,"onsitePercent":21,"contractType":22,"foundAt":23,"category":24,"description":28,"rawText":29,"webTitle":30,"webText":31,"language":32,"projectId":33,"sourceUrl":34},5379,"security-risk-compliance-specialist-mwd-remote-ffm-oder-berlin","Security Risk & Compliance Specialist (m\u002Fw\u002Fd) - Remote & FFM oder Berlin",[8,9,10,11,12,13,14,15,16,17],"Security Architecture","DevSecOps","Cloud Security","ISO 27001","NIS2","Threat Modeling","Identity and Access Management","Application Security","Kubernetes","NIST CSF",null,"01.07.2026 bis Ende 2026 + Option","Frankfurt am Main oder Berlin",10,"contracting","2026-05-22T08:41:18+00:00",{"id":25,"slug":26,"label":27},5,"it_infra_security","IT-Infrastruktur & Security","Unterstützung als Security Risk & Compliance Specialist für ein innovatives Plattform Projekt im Energiesektor. Aufgaben umfassen die Übersetzung von Compliance-Anforderungen in technische Controls, Security Reviews und technische Beratung für Product Line Security Champions.","Security Risk & Compliance Specialist (m\u002Fw\u002Fd) - Remote & FFM oder Berlin\n\nProjektnummer: #9411\n\nRegion: Remote & FFM oder Berlin\n\nZeitraum: 01.07.2026 bis Ende 2026 + Option\n\nIm Rahmen eines innovativen Plattform Projektes im Energiesektor suchen wir im Auftrag unseres Kunden nach Unterstützung als Security Risk & Compliance Specialist  (m\u002Fw\u002Fd) - Remote & FFM oder Berlin.  Die Tätigkeit erfolgt weitestgehend Remote und nach Absprache ca. 1 mal im Monat für paar Tage am Stück in Frankfurt oder Berlin.\nProject Description\nThe team is building an internal platform for software product developers to accelerate the development and delivery of software products to tackle the massive challenges facing the energy sector. The Platform is a service oriented, cloud-native platform that is being built to provide application teams with self-service capabilities to develop, run and operate their software products. Platform provides services for application infrastructure, data, service lifecycle management, application build and delivery as well as services to operate their software products. The Platform is deployed as a hybrid cloud, encompassing both private cloud and select public clouds.\nGeneral Description\nInformation Security Risk and Compliance (ISRC) is a vital and independent function which focuses on embedding robust security and compliance practices throughout the product portfolio, platform management and architecture. ISRC consults designing and managing secure systems for the platform through leading security design, threat modeling, and compliance initiatives to ensure a resilient architectural foundation. Ensuring security operations processes enhance platform visibility and implement streamlined, effective security workflows for operational integrity. Additionally, ISRC consults with all product lines to integrate DevSecOps practices, emphasizing secure code analysis, supply chain security, and automated security testing to deliver robust, secure product development lifecycles. Through these efforts, ISRC ensures comprehensive security and compliance across the ecosystem to foster trust and reliability in all platform deliverables.\nObjective:\nTranslate control objectives and compliance requirements into actionable technical controls and non-functional requirements (NFRs)\nTasks:\n• Derive concrete best-practice technical controls from high‑level control objectives and frameworks (e.g., NIS2, ISO 27001).\n• Convert compliance and risk requirements into clear NFRs for product lines and platform architecture.\n• Maintain the NFR category “Security”, give recommendations on the definition-of-done of control implementation and testing implementation effectiveness\n• Ensure controls strike the right balance between specificity and flexibility.\n• Maintain consistency across product lines while\nObjective:\nDrive and encourage of security review and consulting processes\nTasks:\n• Contribute to Product Release Specification (PRS) workflows by validating security‑related inputs.\n• Enabling the product line security champions and architects to “spread the word” in their respective product lines and ensure they properly implement the requirements in alignment with all ISRC artifacts and governance structures\n• Ensure NFRs and controls are properly reflected in PRS and related governance steps.\n• Provide technical clarification during review cycles.\n• Identify gaps or inconsistencies in security‑related design decisions.\nObjective:\nProvide technical guidance to Product Line Security Champions\nTasks:\n• Encourage product line security roles translating abstract requirements into product‑specific implementations.\n• Offer hands‑on technical guidance when deeper analysis is required.\n• Ensure product lines remain the accountable implementation owner.\n• Facilitate coordination across product lines on recurring control patterns.\nObjective:\nEnsure consistent adoption of controls and NFRs\nTasks:\n• Collaborate with architects, product lines, and governance teams to ensure consistent control adoption.\n• Monitor recurring issues and propose improvements to controls or NFR templates.\n• Facilitating of communication and enablement activities for new or updated controls.\n• Promote a shared understanding of security‑by‑design principles across teams.\nProfile Requirements\nThe contractor must be a middle level professional with 3+ years of experience in security architecture, security engineering, cloud security, or related fields.\nMust-have experience\n• Experience in security architecture principles, secure design patterns, DevSecOps and frameworks.\n• SME-Experience in at least one following security domains:\n• Security Architecture and Design, Cloud Security,\n• Identity and Access Management (IAM), Application Security,\n• DevSecOps and Automation,\n• Incident Response and Resilience,\n• Cryptography and Data Protection\n• Experience in translating technical security requirements into actionable designs and documentation\nMust-have language skills\n• fluent English in speech and writing (at least C1)\nPreferred experience\n• Experience to design and implement security and compliance controls for platforms.\n• Experience with threat modeling methodologies and risk assessment.\n• Experience with DevSecOps practices and tools for integrating security into platform development\n• Experience with cloud posture management and detection tools (CSPM, KSP, Workload protection)\n• Good command and understanding of security & compliance standards and frameworks including ISO\u002FIEC 27001, CSA CCM, BSI Grundschutz, CSI, NIST CSF, NIST OSCAL, etc.\n• Experience in sector-specific regulations (e.g. NIS2, CRA, KRITIS, BSI C5, …)\n• Good understanding of CNCF-related ecosystems (e.g. Kubernetes, KeyCloak, Kyverno, Trivy, etc.)\n\nAnsprechpartner: Charlin Bugge\nE-Mail: charlin.bugge@percision.de\nTelefon: +49 160 7861611","Security Risk & Compliance Specialist","Für ein innovatives Plattformprojekt im Energiesektor suchen wir einen erfahrenen Security Risk & Compliance Specialist. Das Team entwickelt eine interne Plattform für Software-Produktentwickler, um die Entwicklung und Bereitstellung von Softwareprodukten zu beschleunigen und die großen Herausforderungen des Energiesektors anzugehen.\n\nDie Plattform ist serviceorientiert und cloud-nativ aufgebaut, um Anwendungsteams Self-Service-Funktionen für die Entwicklung, den Betrieb und die Verwaltung ihrer Softwareprodukte zu bieten. Sie umfasst Services für Anwendungsinfrastruktur, Daten, Service-Lifecycle-Management, Anwendungserstellung und -bereitstellung sowie Betriebsservices. Die Plattform wird als Hybrid Cloud implementiert, die sowohl Private Cloud als auch ausgewählte Public Clouds umfasst.\n\nAls Security Risk & Compliance Specialist sind Sie verantwortlich für die Einbettung robuster Sicherheits- und Compliance-Praktiken im gesamten Produktportfolio, Plattformmanagement und der Architektur. Sie beraten bei der Gestaltung und Verwaltung sicherer Systeme durch Sicherheitsdesign, Bedrohungsmodellierung und Compliance-Initiativen.\n\nIhre Hauptaufgaben umfassen die Übersetzung von Kontrollzielen und Compliance-Anforderungen in umsetzbare technische Kontrollen und nicht-funktionale Anforderungen. Sie leiten konkrete Best-Practice-Kontrollen aus übergeordneten Frameworks wie NIS2 und ISO 27001 ab und wandeln Compliance- und Risikoanforderungen in klare NFRs für Produktlinien und Plattformarchitektur um. Zusätzlich treiben Sie Sicherheitsüberprüfungs- und Beratungsprozesse voran und integrieren DevSecOps-Praktiken zur Gewährleistung sicherer Produktentwicklungszyklen.\n\nDie Position bietet flexible Remote-Arbeit mit gelegentlichen Vor-Ort-Terminen und die Möglichkeit, an zukunftsweisenden Technologien im Energiesektor mitzuwirken.","en","9411","https:\u002F\u002Fwww.percision.de\u002Fprojekt\u002F9411\u002F",{"items":36},[37,57,74,90,110,132,152,170,187,204,218,246,266,279,298],{"id":38,"slug":39,"title":40,"skills":41,"budget":51,"duration":18,"location":52,"onsitePercent":53,"contractType":54,"foundAt":55,"category":56},5764,"it-security-consultant","IT-Security Consultant",[42,43,11,44,45,46,47,48,12,49,50],"IT-Security","OT-Security","IEC 62443","ISMS","SIEM","Auditing","TISAX","Netzwerk-Technologien","Firewall-Technologien","45.000-90.000 EUR\u002FJahr","Neuss",40,"permanent","2026-05-22T18:09:10+00:00",{"id":25,"slug":26,"label":27},{"id":58,"slug":59,"title":60,"skills":61,"budget":70,"duration":18,"location":71,"onsitePercent":53,"contractType":54,"foundAt":72,"category":73},5756,"it-architekt-cloud-enterprise-architecture","IT-Architekt Cloud & Enterprise Architecture",[62,63,64,65,66,67,68,69],"IT-Architektur","Cloud-Architekturen","Plattform-Architekturen","Hybride Architekturen","TOGAF","Lösungsarchitektur","Systemintegration","Security","78.000-90.000 EUR\u002FJahr","Frankfurt am Main, Stuttgart oder Schwalmstadt-Ziegenhain","2026-05-22T18:07:22+00:00",{"id":25,"slug":26,"label":27},{"id":75,"slug":76,"title":77,"skills":78,"budget":86,"duration":18,"location":87,"onsitePercent":53,"contractType":54,"foundAt":88,"category":89},5753,"1st-level-support","1st Level Support",[79,80,81,82,83,84,85],"IT-Support","Helpdesk","Windows","Office 365","Ticketsystem","SLA-Überwachung","Wissensdatenbank","3.500-3.800 EUR\u002FMonat","Lüneburg","2026-05-22T18:06:42+00:00",{"id":25,"slug":26,"label":27},{"id":91,"slug":92,"title":93,"skills":94,"budget":105,"duration":18,"location":106,"onsitePercent":107,"contractType":54,"foundAt":108,"category":109},5752,"teamleiter-it-infrastructure-security-services","Teamleiter IT Infrastructure & Security Services",[95,96,49,97,98,99,100,101,102,103,104],"IT Infrastructure","Security Services","Security-Technologien","Cisco","Managed Services","SLAs","SIEM\u002FSOC","Datacenter-Lösungen","Teamführung","Mentoring","75.000-95.000 EUR\u002FJahr","Berlin, Frankfurt, Hamburg, Leipzig, München oder Stuttgart",50,"2026-05-22T18:06:27+00:00",{"id":25,"slug":26,"label":27},{"id":111,"slug":112,"title":113,"skills":114,"budget":128,"duration":18,"location":129,"onsitePercent":107,"contractType":54,"foundAt":130,"category":131},5751,"senior-it-consultant-security","Senior IT Consultant Security",[115,116,117,98,118,119,120,121,122,123,124,125,126,127],"IT Security","Network Security","Data Center Security","Fortinet","Check Point","F5","CrowdStrike","Proofpoint","Zscaler","Palo Alto","Security-Architekturen","CCNP Security","Fortinet Certified Professional","70.000-85.000 EUR\u002FJahr","Hamburg oder München","2026-05-22T18:06:14+00:00",{"id":25,"slug":26,"label":27},{"id":133,"slug":134,"title":135,"skills":136,"budget":18,"duration":146,"location":147,"onsitePercent":148,"contractType":149,"foundAt":150,"category":151},5724,"manager-mwd-fuer-projekt-it-sicherheit","Manager (m\u002Fw\u002Fd) für Projekt IT-Sicherheit",[137,138,139,140,141,142,143,144,145],"IT-Sicherheit","BSI-IT-Grundschutz","IT-Grundschutztools","SAVe-Tool","IT-Sicherheitskonzepte","Informationssicherheitskonzepte","Projektmanagement","Deutsch","Englisch","24 Monate mit Option auf Verlängerung","Bremen",60,"temp_work","2026-05-22T17:40:09+00:00",{"id":25,"slug":26,"label":27},{"id":153,"slug":154,"title":155,"skills":156,"budget":18,"duration":18,"location":18,"onsitePercent":18,"contractType":54,"foundAt":168,"category":169},5693,"systemadministrator-it-infrastruktur-mwd","Systemadministrator IT-Infrastruktur (m\u002Fw\u002Fd)",[157,158,159,160,161,162,163,164,165,166,167],"Windows Server 2016","IIS-NLB","SQL Server Always On","SharePoint 2016","PowerShell","Monitoring-Tools","Checkmk","Failovercluster-Manager","Zertifikatsverwaltung","VMware","Backup","2026-05-22T17:18:06+00:00",{"id":25,"slug":26,"label":27},{"id":171,"slug":172,"title":173,"skills":174,"budget":18,"duration":18,"location":18,"onsitePercent":18,"contractType":54,"foundAt":185,"category":186},5669,"it-systemadministrator-mwd-2","IT-Systemadministrator (m\u002Fw\u002Fd)",[175,176,177,178,179,180,181,166,182,42,183,184],"Windows Server Administration","Active Directory","Gruppenrichtlinien","Client-Management","Microsoft 365","Exchange Online","Netzwerkkomponenten","Hyper-V","Backup-Lösungen","Monitoring","2026-05-22T17:16:12+00:00",{"id":25,"slug":26,"label":27},{"id":188,"slug":189,"title":190,"skills":191,"budget":18,"duration":18,"location":18,"onsitePercent":18,"contractType":22,"foundAt":202,"category":203},5657,"consultant-linux-security-engineer-wmd","Consultant Linux Security Engineer (w\u002Fm\u002Fd)",[192,193,194,195,196,197,198,47,199,200,201],"Linux-Systemadministration","Systemhärtung","System- und Netzwerksicherheit","Google Cloud Platform","SELinux","AppArmor","iptables\u002Fnftables","Security-Frameworks","CIS Benchmarks","BSI-Grundschutz","2026-05-22T17:14:51+00:00",{"id":25,"slug":26,"label":27},{"id":205,"slug":206,"title":207,"skills":208,"budget":18,"duration":18,"location":18,"onsitePercent":18,"contractType":54,"foundAt":216,"category":217},5643,"senior-consultant-linux-mwd","(Senior-) Consultant Linux (m\u002Fw\u002Fd)",[209,210,211,212,213,214,215],"Linux","Ubuntu","CentOS","Systemadministration","IT-Infrastruktur","Beratung","Consulting","2026-05-22T17:12:28+00:00",{"id":25,"slug":26,"label":27},{"id":219,"slug":220,"title":221,"skills":222,"budget":18,"duration":241,"location":242,"onsitePercent":243,"contractType":22,"foundAt":244,"category":245},5635,"implementierungsberater-fuer-it-sicherheit","Implementierungsberater für IT-Sicherheit",[223,224,225,226,227,228,229,230,231,232,233,176,234,235,236,237,98,238,239,240],"IT-Security Beratung","Anforderungsanalyse","Datenmodellierung","Wallix","Cyber Ark","MS Projects","Scrum","Security Monitoring","Splunk","Identity & Access Management","Omada Identity","Vulnerability Management","Tenable","Firewalls","Fortigate","Checkpoint","Privileged Access Management","PowerDesigner","12 Monate +","Frankfurt",100,"2026-05-22T16:30:43+00:00",{"id":25,"slug":26,"label":27},{"id":247,"slug":248,"title":249,"skills":250,"budget":18,"duration":18,"location":263,"onsitePercent":18,"contractType":54,"foundAt":264,"category":265},5508,"it-security-specialist-mwd-cyber-security","IT-Security Specialist (m\u002Fw\u002Fd) Cyber-Security",[251,252,253,254,46,255,256,257,258,259,260,261,11,262],"Cyber Security","Detection Engineering","Threat Hunting","Cyber Threat Intelligence","EDR","XDR","KQL","SPL","Sigma","YARA","MITRE ATT&CK","Informationssicherheitsmanagement","Bayreuth","2026-05-22T14:05:48+00:00",{"id":25,"slug":26,"label":27},{"id":267,"slug":268,"title":269,"skills":270,"budget":18,"duration":18,"location":18,"onsitePercent":18,"contractType":22,"foundAt":277,"category":278},5449,"fachberater-secunet-sbc-wmd","Fachberater Secunet SBC (w\u002Fm\u002Fd)",[271,272,273,274,275,276,141],"Secunet SBC","IP-Netzwerke","Netzwerksicherheit","VoIP-Systeme","SBC-Systeme","Kommunikationsinfrastruktur","2026-05-22T12:35:15+00:00",{"id":25,"slug":26,"label":27},{"id":280,"slug":281,"title":282,"skills":283,"budget":18,"duration":294,"location":295,"onsitePercent":107,"contractType":22,"foundAt":296,"category":297},5443,"netzwerkkonzeption-betriebsueberfuehrung-rechenzentrumsinfrastruktur","Netzwerkkonzeption & Betriebsüberführung Rechenzentrumsinfrastruktur",[284,285,286,287,288,289,290,291,292,293],"Netzwerk-Engineering","Rechenzentrumsumgebungen","Technische Konzepte","Architekturdesigns","IT-Infrastrukturen","Betriebsübergabe","Dokumentation","Performance","Verfügbarkeit","Sicherheit","1 Woche (15.06.-19.06.2026)","Hamburg","2026-05-22T12:26:55+00:00",{"id":25,"slug":26,"label":27},{"id":299,"slug":300,"title":301,"skills":302,"budget":18,"duration":305,"location":18,"onsitePercent":306,"contractType":22,"foundAt":307,"category":308},5391,"ibm-security-verify-governance-experte-mwd","IBM Security Verify Governance Experte (m\u002Fw\u002Fd)",[303,304],"IBM Verify Identity Governance (IVIG)","IBM Security Verify Governance","15.06.2026 - 31.12.2026 + Option",0,"2026-05-22T09:40:56+00:00",{"id":25,"slug":26,"label":27}]