Security Process Specialist (PID0635)

This is a remote position.

Security Process Specialist ISRC | PID0635

• Contract / Freelance
  
• Full-time or part-time
  
• Remote with travel readiness required (Germany)
  
• Start: 15/06/2026 (flexible)
  
• Fluent English required (C1+)
  

We are looking for a Security Process Specialist to join the Information Security, Risk and Compliance function of a large internal platform programme. You will not be a hands-on security implementer; instead, you will design, optimise and embed the processes, workflows and governance structures that enable security and compliance to function effectively across the programme.

What you'll be doing

• Assessing existing IS Risk Management, Compliance Management, NFR Management, Architecture Review and Security Operations processes to identify gaps and improvement opportunities
  
• Designing streamlined, pragmatic and scalable processes that balance security and regulatory requirements with operational feasibility
  
• Defining and refining workflows for IS risk identification, assessment, mitigation tracking and reporting
  
• Shaping processes for interpreting and implementing compliance requirements, including internal standards
  
• Establishing structured, repeatable processes for Security Architecture Design Reviews
  
• Consulting on incident response, vulnerability management and Product Release Specification (PRS) sign-off processes
  
• Ensuring secure design principles are reflected in process definitions and review workflows
  
• Actively participating in Organisational Development coalitions to align ISRC processes with the evolving operating model
  
• Supporting programme-wide enablement and knowledge-sharing activities
  

Requirements

What you'll need

• Hands-on exposure to security, risk and compliance processes within a larger organisation
  
• Ability to analyse and improve security-related workflows (risk management, compliance, NFRs, architecture reviews)
  
• Solid understanding of enterprise security and compliance frameworks and their impact on delivery
  
• Experience working with technical teams, architects and GRC stakeholders
  
• Ability to turn compliance or risk requirements into actionable process changes
  
• Experience embedding security and compliance checks into delivery processes
  
• Comfortable facilitating workshops and promoting secure ways of working
  
• Fluent English, spoken and written (C1 minimum)
  

Desirable

• Familiarity with ISO 27001/27005, OWASP ASVS or comparable frameworks
  
• Certification in CISSP, OSCP or OSWA
  
• Strong stakeholder management capability
  

Benefits

Als Freiberufler / Auftragnehmer bei uns genießen Sie flexible Arbeitszeiten und die Freiheit, Ihre eigenen Projekte zu wählen. Unsere Plattform bietet Ihnen Zugang zu spannenden Projekten in verschiedenen Branchen und unterstützt Sie bei Ihrer beruflichen Entwicklung. Sie profitieren von einer attraktiven Vergütung und einem engagierten Team, das Ihnen bei Fragen zur Seite steht. Arbeiten Sie unabhängig und nutzen Sie unser starkes Netzwerk, um Ihre beruflichen Ziele zu erreichen.